Manu,
You can try some script like:
services {
nat {
pool external {
address-range low 200.204.x.a high 200.204.5.x.f;
port automatic;
}
rule internet {
match-direction output;
term internet {
from {
source-address {
192.168.5.0/24;
}
}
then {
translated {
source-pool external;
translation-type {
source dynamic;
}
}
}
}
term all {
from { <------ Introduce the APP for MGT
source-address {
any-unicast;
}
}
then {
no-translation;
}
}
}
}
service-set internet {
nat-rules internet;
interface-service {
service-interface sp-0/0/0;
}
}
}
http://www.wztech.com.br/config/junos-nat-internet
It's possible...
Let's see your stateful-firewall rules...
Stefan Fouant
Principal Network Engineer
NeuStar, Inc. - http://www.neustar.biz
On Wed, Jun 18, 2008 at 2:17 PM, Manu Chao <[EMAIL PROTECTED]> wrote:
Hello,
I have configured Source NAT on a J router by using the public WAN IP for
the NAT pool range.
NAT work fine but i can no longer manage my router from the public
network...
Questions:
How can i correct my NAT configuration in order to manage my router with
the
same IP than the NAT POOL?
Is it possible or need i an additionnal public IP?
Here is my configuration:
interfaces {
ge-/0/0/0 {
description WAN;
unit 0 {
family inet {
service {
input {
service-set jweb-wan-sfw-service-set;
}
output {
service-set jweb-wan-sfw-service-set;
}
}
address 1.1.1.1/24;
services {
service-set jweb-wan-sfw-service-set {
stateful-firewall-rules jweb-sfw-to-wan;
stateful-firewall-rules jweb-sfw-from-wan;
nat-rules jweb-nat-to-wan;
interface-service {
service-interface sp-0/0/0;
}
nat {
pool jweb-nat-pool {
address-range 1.1.1.1/32;
port automatic;
}
rule jweb-nat-to-wan {
match-direction output;
term jweb-nat-term {
then {
translated {
source-pool jweb-nat-pool;
translation-type {
source dynamic;
Any help will be appreciated!!!!
Regards,
Manu
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 3198 (20080618) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp