Table of Contents
Advertisement
Adding a Rule to a Destination NAT Rule Set
Copyright © 2010, Juniper Networks, Inc.
In general, the list displays the zones configured within a specific device or
just the shared zones depending on whether the
box is selected (default) or not and can have the following values:
The default zone (
this zone, if you do not wish to configure anything new.
Other zones, if you have added them previously. To add a new zone, use
Object Manager
—Select the interface(s) from the list. The interfaces are listed only
Interface
if you have imported the device to NSM. Hence, for modeled devices, no
interfaces are listed.
Click
OK
.
c.
A rule set with the specified name gets created and is displayed in the
window.
The next step is to add rules to the rule set. For more information, see "Adding a Rule
to a Destination NAT Rule Set" on page 537.
To add a new rule to a rule set:
From the
Destination NAT
1.
Click (
) at the upper left corner of the
2.
+
Select
to add a new rule to the selected rule set. The
Add Rule
3.
appears.
Here, you must specify a unique name for the rule and set the conditions and the
action to be performed when the traffic matches these conditions, as follows:
Enter a name, which uniquely identifies the rule within the rule set.
a.
Select the source address from the list. The addresses listed here represent the
b.
hosts that are in the public network.
Select the destination address from the list. This address represents the public
c.
IP address through which the traffic enters the private network.
Select a destination port. This is the port through which the traffic enters the
d.
private network.
Specify one of the following actions:
e.
—Do not perform destination NAT.
Off
Chapter 11: Configuring Junos NAT Policies
junos-global
), which ships with the device. You can use
>
.
Zone Objects
tab, select the rule set to which you want to add the rule.
Destination NAT
check
Select From Device
Security Policy
tab.
dialog box
New Rule
537
Advertisement
Table of Contents
