source (Security Source NAT)

Syntax

source {address-persistent;interface (port-overloading off | port-overloading-factor number);pool pool-name {address ip-address { to ip-address;}address-persistent subscriber ipv6-prefix-length prefix-length;address-pooling (paired | no-paired);address-shared;description text;host-address-base ip-address;overflow-pool (interface | pool-name);pool-utilization-alarm (clear-threshold value | raise-threshold value);port {block-allocation {active-block-timeout timeout-interval;block-size block-size;log disable;maximum-blocks-per-host maximum-block-number}deterministic {block-size block-size;host {address ip-address;address-name address-name;}no-translation;port-overloading-factor number;range {port-low <to port-high>;to port-high;twin-port port-low <to port-high>;}}routing-instance routing-instance-name;}pool-default-port-range lower-port-range to upper-port-range;pool-default-twin-port-range lower-port-range to upper-port-range;pool-utilization-alarm (clear-threshold value | raise-threshold value);port-randomization disable;rule-set rule-set-name {description text;from {interface [interface-name];routing-instance [routing-instance-name];zone [zone-name];}rule rule-name {description text;match {application {[application];any;}(destination-address <ip-address> | destination-address-name <address-name>);destination-port (port-or-low <to high>);protocol [protocol-name-or-number];source-address [ip-address];source-address-name [address-name];source-port (port-or-low <to high>)}then source-nat interface {persistent-nat {address-mapping;inactivity-timeout seconds;max-session-number value;permit (any-remote-host | target-host | target-host-port);}}off;pool <pool-name> persistent-nat { address-mapping;inactivity-timeout seconds;max-session-number number;permit (any-remote-host | target-host | target-host-port); }rule-session-count-alarm (clear-threshold value | raise-threshold value);}}}to {interface [interface-name];routing-instance [routing-instance-name];zone [zone-name];}}}

Hierarchy Level

[edit security nat source pool pool-name port]

Release Information

Statement modified in Junos OS Release 9.6. The description option added in Junos OS Release 12.1. Statement modified in Junos OS Release 12.1X45-D10. Statement modified in Junos OS Release 12.1X47-D10. Statement modified in Junos OS Release 12.1X47-D15.

Description

Configure source NAT, which allows you to configure the following:

Options

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Related Documentation