Table of Contents
Advertisement
JunosE 11.2.x IP Services Configuration Guide
Bidirectional NAT Example
78
host1:blue(config)#access-list justcorp permit 10.10.2.0 0.0.0.255
Create the NAPT dynamic translation rule.
7.
host1:blue(config)#ip nat inside source list justcorp pool corpxyz overload
Configure a default route to the outside interface.
8.
host1:blue(config)#ip route 0.0.0.0 0.0.0.0 gigabitEthernet 3/0.1
Configure a null route for the inside global addresses to prevent routing loops when
9.
no matching translation exists.
host1:blue(config)#ip route 192.32.6.0 255.255.255.248 null 0
NOTE: Null route applies to 192.32.6.0–192.32.6.3, which do not exist in the address
pool
All hosts that use private addresses in both the field office and the corporate office must
have their addresses translated to one of the three addresses in the pool. Because this
example uses NAPT, the interface can use only one pool address, depending on the
number of inside hosts attempting to access the outside at any given time.
Figure 7 on page 78 illustrates how outside hosts can initiate conversations with inside
hosts through the use of a DNS server that resides on the inside network.
The inside realm uses basic NAT. The inside network uses a mix of private subnetwork
address space (192.168.22/24) and registered public addresses.
Figure 7: Bidirectional NAT Example
To configure this example:
Enter the correct virtual router context.
1.
host1(config)#virtual-router blue
Mark the inside interface.
2.
host1:blue(config)#interface serial 1/1:1/1
host1:blue(config-interface)#ip nat inside
host1:blue(config-interface)#exit
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
