Configure NAT Rule Content

To configure a NAT rule, include the rule rule-name statement at the [edit services nat] hierarchy level:

[edit services nat]

rule rule-name {

    match-direction (input | output);

    term term-name {

        from {

            applications [ application-names ];

            application-sets [ set-names ];

            destination-address address;

            source-address address;

        }

        then {

            translated {

                destination-pool nat-pool-name;

                source-pool nat-pool-name;

                translation-type (destination type | source type);

            }

            syslog;

        }

    }

}

Each NAT rule consists of a set of terms, similar to a firewall filter. A term consists of the following:

• from statement—Specifies the match conditions and applications that are included and excluded.
• then statement—Specifies the actions and action modifiers to be performed by the router software.

In addition, each rule includes a match-direction statement that specifies the direction in which the match is applied. To configure where the match is applied, include the match-direction (input | output) statement at the [edit services nat rule rule-name] hierarchy level:

[edit services nat]

rule rule-name {

    match-direction (input | output);

}

The following sections describe NAT rule content in more detail:

• Configure NAT Match Conditions
• Configure NAT Actions