[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Understanding Rule-Based Destination NAT on SRX-series Services Gateways

JUNOS software with enhanced services allows you to create NAT rules to translate the destination address from one IP address to another. For SRX-series devices (unlike J-series), NAT is de-coupled from policies. SRX-series NAT has its own NAT rules to regulate traffic and to perform address translation.

Note: When performing destination NAT on SRX-series devices, the address in question is first translated according to configured NAT destination rules and then security policies are applied.

Before You Begin

For background information, read Destination IP Address Translation Overview.

The following types of destination NAT are supported on SRX-series services gateway:

The main configuration tasks for destination NAT on SRX-series services gateways are as follows:

Note: When you configure a security policy on SRX-series services gateways, each policy optionally indicates whether it allows NAT translation, does not allow NAT translation, or does not care.


[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]