SRX Services Gateway
Highlighted
SRX Services Gateway

Nating issue

‎12-16-2011 04:23 AM

Dear Experts,

 

i am converting ScreenOS configuration to Junos. in ScreenOS i have below below configuration for nating. as in Junos interface mode can't b configured as Nat. someone will help me how to converted below screenOS to Junos. thanks

 

ScreenOS config::

 

set interface "ethernet4.2" tag 11 zone "Trust"

set interface ethernet4.2 ip 192.168.3.52/29
set interface ethernet4.2 nat

 

Regards//GF

2 REPLIES 2
Highlighted
SRX Services Gateway

Re: Nating issue

‎12-20-2011 01:38 AM

Hi

 

That will be something like

 

set security nat source rule-set rs1 from interface [your interface]

set security nat source rule-set rs1 to zone untrust (or other zone)

set security nat source rule-set rs1 rule 1 match source-address 0.0.0.0/0

set security nat source rule-set rs1 rule 1 then source-nat interface

 

 

Best Regards,
PK

Juniper Ambassador, Juniper Networks Certified Instructor,
JNCIE-SEC #98, JNCIE-ENT #393, JNCIE-SP #2253
Twitter: @JuniperTrain
GitHub: https://github.com/pklimai
[Juniper Authorized Education & Support in Russia]
Highlighted
SRX Services Gateway

Re: Nating issue

‎12-20-2011 06:12 PM

pk is correct on this, but as a general rule for control and security, it's Juniper's recommendation to not use interface NAT but rather use rules, in screenos it was policy options.

________________________________________________


If my post helped you, please feel free to give me kudos.
Feedback