Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Importing CGNAT Rule Sets

 

The rule-set statement defines a collection of NAT rules that determine what actions the router software performs on packets in the data stream. You define each rule by specifying a rule name and configuring terms. Then, you specify the order of the rules by including the rule-set statement at the [edit services nat] hierarchy level with a rule statement for each rule:

The router software processes the rules in the order in which you specify them in the configuration. If a term in a rule matches the packet, the router performs the corresponding action and the rule processing stops. If no term in a rule matches the packet, processing continues to the next rule in the rule set. If none of the rules matches the packet, no NAT action is performed on the packet. If a packet is destined to a NAT pool address, it is dropped.

To import a CGNAT rule set:

  1. From the View selector, select Service View. The workspaces that are applicable to this view are displayed.
  2. From the Junos Space user interface, click the Build icon on the Edge Services Director banner.

    The functionalities that you can configure in this mode are displayed in the task pane.
  3. Select Object Builder from the task pane. The Object Builder page is displayed.
  4. Click the plus sign (+) next to Object Builder in the task pane to expand the tree and display the list of objects.
  5. From the task pane, select CGNAT Rule Sets to open the CGNAT Rule Sets page on the right pane. The list of previously imported objects is displayed.

    To filter and sort the display of objects, enter the name of the object as a match criterion in the Search box and click the Search icon. The page refreshes to display only the object names that match with the search term. You can use the paging controls to navigate across multiple pages of objects as necessary.

  6. Click the Import icon.

    The Add to Object Builder dialog box is displayed.

  7. Do one of the following for the Import section:
    • Select the From Existing Service Gateway radio button if you want to import the CGNAT rule set from SDGs that are present in the Edge Services Director database.

    • Select the From XML radio button if you want to import the CGNAT rule set from an XML configuration file on an external system.

  8. If you selected the option to import the object from SDGs, do the following:
    • Click the Normal View tab to view the list of SDGs. You can search for specific SDGs by entering a search item and clicking the Search icon.

      Alternatively, click the Group View tab to view the list of SDG groups. You can search for specific SDG groups by entering a search item and clicking the Search icon.

    • Click the plus sign (+) next to the All Service Gateways item to expand the tree structure that displays the list of SDGs or SDG groups. If the SDG pair is configured, you can select one of the devices, master or standby, from which you want to import the object.

      Alternatively, if you selected the Group View tab, you can select an SDG from the groups displayed from which you want to import the object.

    • Click Import. The object is added to the database and can be used during configuration of services or policies.

  9. If you selected the option to import from an XML file, do the following:
    • Click Browse beside the File Name field to navigate to the path where an XML file is available to be imported.

    • Click Import. The object is added to the database and can be used during configuration of services or policies.