The following procedures provides various methods using which you can choose an endpoint as a NAT source:
View and select the source endpoint from the complete list of addresses, protocols, interfaces, zones, routing instances, or ports.
The physical interfaces of an NFX box are mapped to the virtual interfaces of the Gateway Router (GWR) (vSRX) as given in Table 201. These are the default mappings provided by CSO. You may change these interface mappings based on your requirements.
Table 201: NFX and GWR Interface Mapping
NFX Physical Interface | GWR Virtual Interface |
|---|---|
WAN 0 (ge-0/0/10) | ge-0/0/2 |
WAN 1 (ge-0/0/11) | ge-0/0/3 |
WAN 2 (xe-0/0/12) | ge-0/0/7 |
WAN 3 (xe-0/0/13) | ge-0/0/8 |
LAN-X (ge-0/0/X) | Ge-0/0/06.<vlan-id-for-X> |
When you create a new NAT rule and an NFX physical interface is intended as the source endpoint, select the respective mapped GWR interface.
Enter an abbreviation in the Source field to select the source endpoint from a filtered list of source endpoints.
To view a filtered list of addresses, enter ADDR or addr.
To view a filtered list of protocols, enter PROT or prot.
To view a filtered list of interfaces, enter INTR or intr.
To view a filtered list of zones, enter ZONE or zone.
To view a filtered list of routing instances, enter ROUT or rout.
Click the endpoints in the filtered list to select them.
You can add a port number as a source endpoint. To do so:
You can also enter a range of ports by using the separator -. For example, you can enter 10-20.
The entered port value is selected as a source endpoint.
You can also select the endpoint from the complete list of addresses, protocols, interfaces, zones, and routing instances. See Adding an Endpoint as NAT Source.
You can select a NAT source endpoint from the End Points panel. Alternately, you can create a new NAT source endpoint from the End Points panel, see Creating and Selecting a NAT Source from the End Points Panel.
To select an NAT source endpoint from the End Points panel:
The End Points panel appears, displaying the list of available addresses, interfaces, protocols, zones, and routing instances.
Note You can only edit or view details of a source endpoint if these options appear on right side of the endpoint when you hover over it. Not all endpoints provide these options.
To create a new source endpoint from the End Points panel:
Based on the option you select, the respective page appears. Fill in the required details to create a new endpoint.
To create a new address, see Creating Addresses or Address Groups.
To create a new service, see Creating Services and Service Groups.
To create a new NAT pool, see Creating NAT Pools.
After the endpoint is created, it appears in the Endpoints panel.
You can use one of the following ways to create a new address from the Source field and use the newly created address as a source endpoint:
Type the address directly in the Source field. If the address is valid, it is created immediately and added as a source endpoint.
Create an address from the Source field, using the following steps:
The Create Addresses page appears.
The new address is created, and will be listed as an option for the source. Select the new address to add it to the source.