See the following sections:
- source-nat
{
- address-persistent;
-
- pool-set
pool-set-name
{
- pool
pool-name
;
- }
-
- pool-utilization-alarm {
- clear-threshold
clear-threshold
;
- raise-threshold
raise-threshold
;
- }
- }
- [edit security nat]
Statement introduced in Release 8.5 of JUNOS software.
Configure source Network Address Translation (NAT).
This statement is supported on J-series devices.
The remaining statements are explained separately.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
- pool pool-name {
address prefix;
address-range high ip-address low ip-address;
allow-incoming;
host-address-low ip-address;
no-port-translation;
overflow-pool (interface | pool-name);
}
}
- [edit security nat interface interface-name]
Statement introduced in Release 8.5 of JUNOS software.
Configure source NAT for an interface.
This statement is supported on J-series devices.
The remaining statements are explained separately.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security — To view this statement in the configuration.
security-control — To add this statement to the configuration.
- source-nat (pool pool-name | pool-set pool-set-name | interface);
- [edit security policies from-zone zone-name to-zone zone-name policy policy-name then permit]
Statement introduced in Release 8.5 of JUNOS software.
Specify that source NAT be used in the security policy.
This statement is supported on J-series devices.
pool pool-name— Use the specified NAT source address pool.
pool-set pool-set-name — Use the specified NAT source address pool set.
interface — Use the interface’s NAT source address pool.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security — To view this statement in the configuration.
security-control — To add this statement to the configuration.
- source-nat (off | interface | pool pool-name);
- [edit security nat source rule-set rule-set-name rule rule-name then]
Statement introduced in Release 9.2 of JUNOS software.
Specify the action of the source NAT rule.
This statement is supported on SRX-series devices.
off — Do not perform the source NAT operation.
interface — Use egress interface IPv4 address to perform the source NAT.
pool — pool-nameUse user-defined source NAT pool to perform the source NAT.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security — To view this statement in the configuration.
security-contro l— To add this statement to the configuration.