rule (Security Source NAT)
Syntax
rule rule-name {
description text;
match {
application {
[application];
any;
}
(destination-address <ip-address> | destination-address-name <address-name>);
destination-port (port-or-low <to high>);
protocol [protocol-name-or-number];
source-address [ip-address];
source-address-name [address-name];
source-port (port-or-low <to high>)
}
then {
source-nat {
interface {
persistent-nat {
address-mapping;
inactivity-timeout seconds;
max-session-number value;
permit (any-remote-host | target-host | target-host-port);
}
}
off;
pool <pool-name>
persistent-nat {
address-mapping;
inactivity-timeout seconds;
max-session-number number;
permit (any-remote-host | target-host | target-host-port);
}
}
}
}
}
Hierarchy Level
[edit security nat source rule-set rule-set-name]
Description
Define a source NAT rule.
Options
rule-name—Name of the source NAT rule.description—Description of the source NAT rule.
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement modified in Junos OS Release
9.6. The description option added in Junos OS Release 12.1.
Statement modified in Junos OS Release 12.1X45-D10. Statement modified
in Junos OS Release 12.1X47-D10.