Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Selecting NAT Destination

The following procedures provides various methods that you can use to choose an endpoint as a NAT destination:

Adding an Endpoint as NAT Destination

View and select the destination endpoint from the complete list of addresses, interfaces, services, zones, routing instances, or ports.

  1. Click the Destination field. A list of relevant endpoints are displayed.
  2. Click the View more results link provided at the bottom of the destination endpoints. The complete list of addresses, interfaces, services, zones, and routing instances, is displayed in the End Points panel on the right.
  3. (Optional) Click the edit icon to edit the address, service, or port endpoint.
  4. Click check mark icon () to select the endpoint as a destination.

Selecting Interfaces when GWR Resides Inside an NFX Box

The physical interfaces of an NFX box are mapped to the virtual interfaces of the Gateway Router (GWR) (vSRX Virtual Firewall) as given in Table 1. These are the default mappings provided by CSO. You may change these interface mappings based on your requirements.

Table 1: NFX and GWR Interface Mapping

NFX Physical Interface

GWR Virtual Interface

WAN 0 (ge-0/0/10)

ge-0/0/2

WAN 1 (ge-0/0/11)

ge-0/0/3

WAN 2 (xe-0/0/12)

ge-0/0/7

WAN 3 (xe-0/0/13)

ge-0/0/8

LAN-X (ge-0/0/X)

Ge-0/0/06.<vlan-id-for-X>

When you create a new NAT rule and an NFX physical interface is intended as the destination endpoint, select the respective mapped GWR interface.

Selecting NAT Destination Using Abbreviations

Enter an abbreviation in the Destination field to select the destination endpoint from a filtered list of destination endpoints.

  • To view a filtered list of addresses, enter ADDR or addr.

  • To view a filtered list of interfaces, enter INTR or intr.

  • To view a filtered list of services, enter SVCS or svcs.

  • To view a filtered list of zones, enter ZONE or zone.

  • To view a filtered list of routing instances, enter ROUT or rout.

Click the endpoints in the filtered list to select them.

You can add a port number as a destination endpoint. To do so:

  1. Enter PORT or port in Destination.
  2. Press Tab.
  3. Enter the port number and press Enter.

    You can also enter a range of ports by using the separator -. For example, you can enter 10-20.

The entered port value is selected as a destination endpoint.

You can also select the endpoint from the complete list of addresses, interfaces, services, zones, and routing instances. See Adding an Endpoint as NAT Destination.

Selecting a NAT Destination from the End Points Panel

You can select a NAT destination endpoint from the End Points panel. Alternately, you can create a new NAT destination endpoint from the End Points panel, see Creating and Selecting a NAT Destination from the End Points Panel.

To select a NAT destination endpoint from the End Points panel:

  1. Click the Destination field.
  2. Click the lesser-than icon (<) on the right.

    The End Points panel appears, displaying the list of available addresses, interfaces, services, zones, and routing instances.

  3. (Optional) To view more information about a destination endpoint, click the details icon on the right of the endpoint. To edit the destination endpoint, click the edit icon (pencil symbol) on the right of the endpoint.
    Note:

    You can only edit or view details of a destination endpoint if these options appear on right side of the endpoint when you hover over it. Not all endpoints provide these options.

  4. Click the check mark icon () to add the endpoint as a destination.

Creating and Selecting a NAT Destination from the End Points Panel

To create a new destination endpoint from the End Points panel:

  1. Click the add icon (+) on the top right of the panel and select the type of endpoint you want to create, among the options provided.

    Based on the option you select, the respective page appears. Fill in the required details to create a new endpoint.

    After the endpoint is created, it appears in the Endpoints panel.

  2. Click the check mark icon () to add the new endpoint as a destination.

Creating Addresses from Destination Field

You can use one of the following ways to create a new address from the Destination and use the newly created address as a destination endpoint:

  • Type the address directly in the Destination field. If the address is valid, it is created immediately and added as a destination endpoint.

  • Create an address from the Destination field, using the following steps:

    1. In the Destination field, type addr. The Add new address link appears at the bottom of the list of addresses.

    2. Click Add new address to create a new address.

      The Create Addresses page appears.

    3. Configure the new address. See Creating Addresses or Address Groups.

    4. Click Save to save the new address.

      The new address is created, and will be listed as an option for the destination. Select the new address to add it to the destination.

Creating Services from Destination Field

To create a new service from the Destination field and use the newly created service as a destination endpoint:

  1. In the Destination link, type svcs. The Add new service link appears at the bottom of the list of services.
  2. Click Add new service to create a new service.

    The Create Services page appears.

  3. Configure the new service. See Creating Services and Service Groups.
  4. Click Save to save the new service.

    The new service is created, and will be listed as an option for the destination. Select the new service to add it to the destination.

Related Documentation