[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Example: Configuring Source NAT Pools

Source NAT pools provide JUNOS Software with a supply of addresses from which to draw when translation is performed.

Note: When the JUNOS Software performs source NAT, security policies are applied first, and then the address in question is translated according to configured source NAT rules.

Before You Begin
For background information, read: Source NAT Configuration Overview

Before You Begin

For background information, read:

Source NAT Configuration Overview

In this example, you perform the following tasks:

Configure a source NAT pool with port address translation.
Configure a source NAT pool without port address translation.
Configure a source NAT pool by specifying an IP address and prefix.
Configure a source NAT pool with host address shifting.
Configure pool utilization alarms and address persistent.

CLI Configuration

To configure a source NAT pool with port address translation:


            
               user@host# set security nat source pool src-nat-with-pat
                     routing-instance red
               user@host# set security nat source pool src-nat-with-pat
                     address 10.1.1.1
               user@host# set security nat source pool src-nat-with-pat
                     address 10.1.1.10 to 10.1.1.20

To configure a source NAT pool without port address translation:


            
               user@host# set security nat source pool src-nat-without-pat
                     routing-instance red
               user@host# set security nat source pool src-nat-without-pat
                     address 10.1.1.100 to 10.1.1.150
               user@host# set security nat source pool src-nat-without-pat
                     port no-translation 
               user@host# set security nat source pool src-nat-without-pat
                     overflow-pool src-nat-with-pat

To configure a source NAT pool by specifying an IP address and prefix:


            
               user@host# set security nat source pool src-nat-with-prefix
                     routing-instance red
               user@host# set security nat source pool src-nat-with-prefix
                     address 10.1.1.0/24

To configure a source NAT pool with host address shifting:


            
               user@host# set security nat source pool src-nat-by-shifting
                     routing-instance red
               user@host# set security nat source pool src-nat-by-shifting
                     address 10.1.1.200 to 10.1.1.250
               user@host# set security nat source pool src-nat-by-shifting
                     host-address-base 192.168.1.1

To configure pool utilization alarms and address to be persistent:


            
               user@host# set security nat source pool-utilization-alarm
                     raise-threshold 80 clear-threshold 70
               user@host# set security nat source address-persistent

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]