[Contents] [Prev] [Next] [Index] [Report an Error]

Example: Configuring Source NAT Pools (CLI)

Source NAT pools provide JUNOS Software with a supply of addresses from which to draw when translation is performed.

Note: When the JUNOS Software performs source NAT, security policies are applied first, and then the address in question is translated according to configured source NAT rules.

In this example, you perform the following tasks:

To configure a source NAT pool with port address translation:

user@host# set security nat source pool src-nat-with-pat routing-instance reduser@host# set security nat source pool src-nat-with-pat address 10.1.1.1user@host# set security nat source pool src-nat-with-pat address 10.1.1.10 to 10.1.1.20

To configure a source NAT pool without port address translation:

user@host# set security nat source pool src-nat-without-pat routing-instance reduser@host# set security nat source pool src-nat-without-pat address 10.1.1.100 to 10.1.1.150user@host# set security nat source pool src-nat-without-pat port no-translation user@host# set security nat source pool src-nat-without-pat overflow-pool src-nat-with-pat

To configure a source NAT pool by specifying an IP address and prefix:

user@host# set security nat source pool src-nat-with-prefix routing-instance reduser@host# set security nat source pool src-nat-with-prefix address 10.1.1.0/24

To configure a source NAT pool with host address shifting:

user@host# set security nat source pool src-nat-by-shifting routing-instance reduser@host# set security nat source pool src-nat-by-shifting address 10.1.1.200 to 10.1.1.250user@host# set security nat source pool src-nat-by-shifting host-address-base 192.168.1.1

To configure pool utilization alarms and address to be persistent:

user@host# set security nat source pool-utilization-alarm raise-threshold 80 clear-threshold 70user@host# set security nat source address-persistent

Related Topics

[Contents] [Prev] [Next] [Index] [Report an Error]


[an error occurred while processing this directive]