Table of Contents
Advertisement
JunosE 11.2.x IP Services Configuration Guide
80
Figure 8: Twice NAT Example
To configure this example:
Enter the correct virtual router context.
1.
host1(config)#virtual-router blue
Mark the inside interface.
2.
host1:blue(config)#interface fast-ethernet 6/1
host1:blue(config-interface)#ip nat inside
host1:blue(config-interface)#exit
Mark the outside Interface.
3.
host1:blue(config)#interface atm 3/0.20
host1:blue(config-interface)#ip nat outside
host1:blue(config-interface)#exit
Create the address pool for inside source translations.
4.
host1:blue(config)#ip nat pool entAoutpool 12.220.1.0 12.220.255.255 prefix-length
16
NOTE: This pool is purposely smaller than the size of the company network because
not all private hosts are likely to access the public network at the same time.
Create the access list for addresses eligible for dynamic translation.
5.
host1:blue(config)#access-list entAout permit 15.12.0.0 0.0.255.255
Create the dynamic translation rule for outbound traffic.
6.
host1:blue(config)#ip nat inside source list entAout pool entAoutpool
Create the address pool for outside source translations.
7.
Using an address range of 10.1.32.0/8 prevents any overlap with the private network
(15.12.0.0/16).
host1:blue(config)#ip nat pool entAinpool 10.1.32.1 10.1.32.255 prefix-length 16
NOTE: This pool is purposely small, allowing for only a few connections.
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
