Destination Nat Policy - Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1 Administration Manual

Destination NAT Policy

Copyright © 2010, Juniper Networks, Inc.
—Enables you to edit the address of the selected destination.
Edit Address
—Enables you to delete a destination.
Delete Address
:
Dest Port
Edit —Enables you to copy and paste the values that are within this field.
Edit Destination Port
Under the Action header: Select a row and right-click to perform the following actions:
—Enables you to edit the action set previously. If you select a pool as the
Edit Action
action, then you get the options to configure persistent NAT, as follows:
Select the Persistent NAT
—Time, in seconds, that the persistent NAT binding remains in
Inactivity Timeout
the device's memory when all the sessions of the binding entry are gone. When
the configured time-out is reached, the binding is removed from memory.
Max Session Number
binding can be associated.
—Can have one of the following values:
Permit
—All requests from a specific internal IP address and port are
Any remote host
mapped to the same reflexive transport address.
—All requests from a specific internal IP address and port are mapped
Target host
to the same reflexive transport address.
—All requests from a specific internal IP address and port are
Target host port
mapped to the same reflexive transport address.
For more information on persistent NAT, see
http:/ /www.juniper.net/techpubs/software/junos-security/junos-security10.0/junos-security-swconfig-security/
understand-persistent-nat-section.html#understand-persistent-nat-section
Right-click on the
Install On
remove the NAT policy.
View the applicable shared objects in the drop-down list in the
section of the window. You can add, edit, delete and search for shared objects, which
are applicable to the specific NAT rulebase.
Destination NAT policy is used to allow hosts from public network to communicate with
private network through the translation of the destination IP address within a packet
that is entering the Juniper Networks device. For more information on destination NAT,
see
http://www.juniper.net/techpubs/software/junos-security/junos-security10.0/
junos-security-swconfig-security/jd0e90828.html#jd0e90837
—Enables you to edit the port range.
check box to implement this functionality.
—Maximum number of sessions with which a persistent NAT
column to select a target device on which to install or
Chapter 11: Configuring Junos NAT Policies
.
Shared Objects for Policy
.
535