Example: Configuring Destination NAT (CLI)
JUNOS Software allows you to define NAT rules to translate the destination address from one IP address to another.
In this example, you perform the following tasks:
- Define a destination NAT rule for traffic from routing-instance ri-1 to address 1.1.1.1. Translate the destination IP address to 2.2.2.10.
- Define a destination NAT rule for traffic from zone Z2 to address 1.1.1.1. Translate the destination IP address to 2.2.2.20.
- Define a destination NAT rule for traffic from interface fe-0/0/0.0 to address 1.1.1.1. Translate the destination IP address to 2.2.2.30.
user@host# set security nat destination pool
dpool-1 routing-instance ri-1user@host# set security nat destination pool
dpool-1 address 2.2.2.10user@host# set security nat destination pool
dpool-2 routing-instance ri-1user@host# set security nat destination pool
dpool-2 address 2.2.2.20user@host# set security nat destination pool
dpool-3 routing-instance ri-1user@host# set security nat destination pool
dpool-3 address 2.2.2.30
user@host# set security nat destination rule-set
rs2 from routing-instance ri-1user@host# set security nat destination rule-set
rs2 rule r1 match destination-address 1.1.1.1user@host# set security nat destination rule-set
rs2 rule r1 then destination-nat pool dpool-1
user@host# set security nat destination rule-set
rs3 from zone Z2user@host# set security nat destination rule-set
rs3 rule r2 match destination-address 1.1.1.1user@host# set security nat destination rule-set
rs3 rule r2 then destination-nat pool dpool–2
user@host# set security nat destination rule-set
rs4 from interface fe-0/0/0.0user@host# set security nat destination rule-set
rs4 rule r3 match destination-address 1.1.1.1user@host# set security nat destination rule-set
rs4 rule r3 then destination-nat pool dpool-3
Related Topics
- JUNOS Software Feature Support Reference for SRX Series and J Series Devices
- Understanding Destination NAT
- Destination NAT Configuration Overview
- Verifying NAT Configuration