ming created CLOUDSTACK-10003:
---------------------------------
Summary: automatic configure juniper srx/vsrx nat loopback
Key: CLOUDSTACK-10003
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10003
Project: CloudStack
Issue Type: Improvement
Security Level: Public (Anyone can view this level - this is the default.)
Components: Automation
Affects Versions: 4.9.0.1, 4.8.1.1, 4.10.0.0, 4.9.0, 4.8.0
Environment: network-pluge juniper srx
Reporter: ming
Fix For: 4.9.0.1, 4.8.1.1, 4.10.0.0, 4.9.0, 4.8.0
automatic configure juniper srx/vsrx nat loopback,
constraint condition that manual configure source nat in juniper srx,allowed vm
vist public network :
zone : trust to {trust,untrust}
rule : source address {0.0.0.0/0},destination address{0.0.0.0/0} ,do source nat
with pool {public network getway ip}.
code change for trust to trust destination or static nat:
add srxCommand :CHECK_PRIVATE_IF_EXISTS. for add/delete rule to detect whether
exist or not contain DestinationNatRule or StaticNatRule (ruleName_private) in
trust zone .
add DestinationNatRule (ruleName_private) to trust zone when ADD
DestinationNatRule to untrust .
delete DestinationNatRule (ruleName_private) from trust zone when DELETE
DestinationNatRule from untrust.
add StaticNatRule (ruleName_private) to trust zone when ADD StaticNatRule to
untrust .
delete StaticNatRule (ruleName_private) from trust zone when DELETE
StaticNatRule from untrust.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
