I'm a recent Cisco convert - trying to wrap my head around the Juniper was of dealing with NAT.
I'm trying to get a setup working where I can allow inbound traffic through the NAT to specific internal machines. Ideally I'd like to be able to map things at a port level - ie. port 80 on external address X goes to port Y on internal address Z. I have things working to the point where I can NAT a specific internal address to a specific external address (see config at the end), with everyone else using PAT on a different address. But I can't seem to figure out how I allow inbound traffic through. This is on a J-4350, if that makes any difference... Any pointers in the right direction would be most appreciated! -- matt Here's my service nat config. I have the service-set for this applied on the internal interface: rule NAT { match-direction input; term static-matt { from { source-address { 192.168.1.238/32; } } then { translated { source-pool static-matt; translation-type { source static; } } } } term dynamic { then { translated { source-pool dynamic; translation-type { source dynamic; } } } } } } _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp