destination (Security Destination NAT)
Syntax
destination {
pool pool-name {
address <ip-address> {
(port port-number | to ip-address);
}
description text;
routing-instance (routing-instance-name | default);
}
rule-set rule-set-name {
description text;
from {
interface [interface-name];
routing-instance [routing-instance-name];
zone [zone-name];
}
rule rule-name {
description text;
match {
application {
[application];
any;
}
(destination-address ip-address| destination-address-name address-name);
destination-port (port-or-low <to high>);
protocol [protocol-name-or-number];
source-address [ip-address];
source-address-name [address-name];
}
then {
destination-nat (off | pool pool-name |rule-session-count-alarm (clear-threshold value | raise-threshold value));
}
}
}
}
Hierarchy Level
[edit security nat]
Description
Configure destination NAT, which allows you to configure the following:
Translate destination IP address or addresses to a specific IP address.
Translate destination IP address or addresses and port number(s) to a specific IP address and one port number.
Translate a range of destination IP addresses to another range of IP addresses. This mapping is one-to-one, static, and without PAT.
Options
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement modified in Junos OS Release
9.6. The description option added in Junos OS Release 12.1.
Statement modified in Junos OS Release 12.1X45-D10. Statement modified
in Junos OS Release 12.1X47-D10.