JUNIPER SRX: SOURCE NAT (INTERFACE BASED SOURCE NAT)
#########NAT Configuration########
>set security nat source rule-set NAT-IBN description source_nat
>set security nat source rule-set NAT-IBN from zone untrust
>set security nat source rule-set NAT-IBN to zone untrust
>set security nat source rule-set NAT-IBN rule NAT-IBN-Rule description NAT_IBN_Rule
>set security nat source rule-set NAT-IBN rule NAT-IBN-Rule match source-address 10.10.10.11/32
>set security nat source rule-set NAT-IBN rule NAT-IBN-Rule match destination-address 0.0.0.0/0
>set security nat source rule-set NAT-IBN rule NAT-IBN-Rule then source-nat interface
#######Firewall Policy configuration#########
>set security policies from-zone untrust to-zone untrust policy allow-win-server match source-address 10.10.10.11
>set security policies from-zone untrust to-zone untrust policy allow-win-server match destination-address any
>set security policies from-zone untrust to-zone untrust policy allow-win-server match application any
>set security policies from-zone untrust to-zone untrust policy allow-win-server then permit
>set security zones security-zone untrust address-book address 10.10.10.11 10.10.10.11/32
#######Static Route configuration#########
set routing-instances untrust routing-options static route 0.0.0.0/0 next-hop 192.168.1.1
Comments
Post a Comment