port (Security Source NAT)
Syntax
port {
block-allocation {
active-block-timeout timeout-interval;
block-size block-size;
interim-logging-interval timeout-interval;
last-block-recycle-timeout timeout-interval;
log disable;
maximum-blocks-per-host maximum-block-number;
}
deterministic {
block-size block-size;
host {
address ip-address;
address-name address-name ;
}
}
no-translation;
port-overloading-factor number;
range {
port-low <to port-high>;
to port-high;
twin-port port-low <to port-high>;
}
}
Hierarchy Level
[edit security nat source pool pool-name]
Description
Specify the Port Address Translation (PAT) for a source pool.
Options
block-allocation—Allocates a block of ports for translation, instead of allocating individual ports.deterministic—Maps an incoming (source) IP address and port to the specific destination address and port block, based on a predefined deterministic NAT algorithm.no-translation—Specifies that no PAT is required. This option cannot be configured with theport-overloading-factororrangeoptions.port-overloading-factor number—Configures the port overloading capacity in source NAT. This option cannot be configured with theno-translationoption.range port-low <to port-high>—Specifies the port number range attached to each address in the pool. This option cannot be configured with theno-translationoption.twin port—Configures the twin port range for source NAT pools to avoid port overloading.
The remaining statements are explained separately.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release
9.2. Statement updated with block-allocation, deterministic, and twin-port options in Junos OS Release 12.1X47-D10.
Statement updated with interim-logging-interval and last-block-recycle-timeout options in Junos OS Release 15.1X49-D60.