Junos
Junos

Configure NAT with global security zone on SRX

03.23.12   |  
‎03-23-2012 09:02 PM

hi all

i need to translate this Netscreen500 configration to junos.SRX

need your help thanks .

 

Netscreen config:

 

set interface ethernet1/2.115 ip 172.25.50.73/29
set interface ethernet1/2.115 route

 

set interface "ethernet1/2.115" mip 1.1.1.2 host 172.25.49.138 netmask 255.255.255.255
set policy id 37 from "Untrust" to "Global" "Any" "MIP(1.1.1.2)" "DNS" permit log


1 REPLY
Junos

Re: Configure NAT with global security zone on SRX

[ Edited ]
03.24.12   |  
‎03-24-2012 09:41 AM

You need to configure 2 nat rules and 2 policies I think

 

1 source nat for outbound traffic

1 static nat to replace the MIP

 

1 policy outbound

1 policy inbound

 

Please read this first and come back with questions if something isn't clear:

 

http://www.juniper.net/us/en/local/pdf/app-notes/3500152-en.pdf 

 

best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.