Glad to help.
FYI, MS-MIC commands equivalent to MS-DPC "show services stateful-f..."
usually start with "show services sessions..."
Thx
Alex
On 08/03/2016 19:28, Aaron wrote:
Alexander, you’re awesome J
Thanks, that’s all I needed!
Also, I had to realize the CGNAT Day One doc that I’ve been reading
since it’s based on the MS-DPC, the show service nat mapping detail
doesn’t work either, but apparently the mx104 with ms-mic uses show
services stateful-firewall flows is what I needed to use to see flows.
Aaron
*From:*Alexander Arseniev [mailto:arsen...@btinternet.com]
*Sent:* Tuesday, March 8, 2016 10:36 AM
*To:* Aaron <aar...@gvtc.com>; juniper-nsp@puck.nether.net
*Subject:* Re: [j-nsp] nat - non-inline - service card ms-mic-16G in mx104
Hello,
MS-MIC service interfaces are called ms-*, not sp-*.
Also, You don't need these lines with MS-MIC:
set chassis fpc 1 pic 0 adaptive-services service-package layer-3
set interfaces sp-1/0/0 services-options cgn-pic
And the recommended JUNOS version for MS-MIC CGNAT is 14.2R5 or newer.
Thx
Alex
On 08/03/2016 17:21, Aaron wrote:
Anybody know what I'm doing wrong ? I can't seem to get nat to work. I'm
trying to do v4 to v4 with port translation (NAPT-44) using NON-inline nat.
so I'm using an MX104 with a MS-MIC-16G
FPC 1 BUILTIN BUILTIN MPC BUILTIN
MIC 0 REV 17 750-123456 123456 MS-MIC-16G
PIC 0 BUILTIN BUILTIN MS-MIC-16G
My config currently..
Ge-1/3/1 is my nat inside interface
Ge-1/3/2 is my nat outside interface
root> show configuration | display set
set version 13.3R6.5
set system root-authentication encrypted-password "removed"
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis fpc 1 pic 0 adaptive-services service-package layer-3
set services service-set sset2 nat-rules rule1
set services service-set sset2 interface-service service-interface sp-1/0/0
set services nat pool nat1 address 1.2.3.0/25
set services nat pool nat1 port automatic auto
set services nat rule rule1 match-direction input
set services nat rule rule1 term other1 from source-address-range low
9.9.9.1 high 9.9.9.100
set services nat rule rule1 term other1 then translated source-pool nat1
set services nat rule rule1 term other1 then translated translation-type
napt-44
set interfaces sp-1/0/0 description "cgn interface"
set interfaces sp-1/0/0 services-options cgn-pic
set interfaces sp-1/0/0 unit 0 family inet
set interfaces ge-1/3/0 disable
set interfaces ge-1/3/1 description private
set interfaces ge-1/3/1 speed 100m
set interfaces ge-1/3/1 unit 0 family inet service input service-set sset2
set interfaces ge-1/3/1 unit 0 family inet service output service-set sset2
set interfaces ge-1/3/1 unit 0 family inet address 10.144.1.5/30
set interfaces ge-1/3/2 description public
set interfaces ge-1/3/2 speed 100m
set interfaces ge-1/3/2 unit 0 family inet address 10.144.2.5/30
set routing-options static route 9.9.9.0/24 next-hop 10.144.1.6
_______________________________________________
juniper-nsp mailing listjuniper-...@puck.nether.net
<mailto:juniper-nsp@puck.nether.net>
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
