Examples: Configure Network Address Translation Properties

The following example configures an address pool containing a specified range and dynamic source translation:

[edit services nat]

pool public {

    address-range low 112.148.2.1 high 112.148.2.32;

    port automatic;

}

rule Private-Public {

    match-direction input;

    term Translate {

        then {

            translated {

                source-pool public;

                translation-type source dynamic;

            }

        }

    }

}

The following NAT service configuration includes two terms. term1 configures source address translation for traffic from any private to any public address. The translation is applied for all services. term2 performs destination address translation for HTTP traffic from any public address to the server's virtual IP address. The virtual server IP address is translated to an internal IP address.

[edit services nat]

rule my-nat-rule {

    match-direction input;

    term my-term1 {

        from {

            source-address private;

            destination-address public;

        }

        then {

            translated {

                source-pool my-prefix-list; # pick address from a pool

                translation-type source dynamic; # dynamic NAT functionality with port 
                      translation

            }

        }

    }

    term my-term2 {

        from {

            destination-address 202.1.137.3; # my server's virtual address

            application http;

        }

        then {

            translated {

                destination-address 162.138.3.1; # internal ip address

                translation-type destination static; # static destination NAT

            }

        }

    }

}

For additional examples that combine NAT configuration with other services and with VRFs, see Examples: Services Interfaces Configuration.