M120 Nat implementation. TCP connections drop

01.26.12   |  
‎01-26-2012 03:29 AM

So i`ve made a config in attach


So all this conf was made to allow internet acces from 10.x network with dns servers.

It works great only with ping or dns requests. But all TCP connetcions drops and I can`t figure out why. Test PC can`not acces internet from 10.x network (


What is wrong???



Re: M120 Nat implementation. TCP connections drop

01.29.12   |  
‎01-29-2012 10:41 PM

so i`ve added another part of conf and it worked. but i can`t anderstand why. 

stateful-firewall {
rule allow_tcp {
match-direction input-output;
term 1 {
from {
applications [ junos-http junos-dns-udp junos-telnet junos-dns-tcp junos-ip junos-smtp junos-traceroute junos-pptp junos-ntalk junos-pop3 ICQ ];
then {


why should i add such a rule& why can`t i just add a rule such as: from destination-address Any unicast?


anyone can help me out???