Related Documentation
- J Series
- NAT Overview in
the Junos OS Security Configuration Guide
- SRX Series
- Example: Configuring Network Address Translation for a User Logical System
- User Logical System Configuration Overview
- Understanding Logical Systems Security Profiles
- NAT Overview in
the Junos OS Security Configuration Guide
- Additional Information
- Junos OS Feature Support Reference for SRX Series and J Series Devices
- NAT Overview in
the Junos OS Security Configuration Guide
Understanding Logical System Network Address Translation
Network Address Translation (NAT) is a method for modifying or translating network address information in packet headers. Either or both source and destination addresses in a packet may be translated. NAT can include the translation of port numbers as well as IP addresses.
Any combination of static, destination, or source NAT can be configured in the root or user logical systems. Configuring NAT in a logical system is the same as configured NAT on a device that is not configured for logical systems. The master administrator can configure and monitor NAT in the master logical system as well as any user logical system.
For each user logical system, the master administrator can configure the maximum and reserved numbers for the following NAT resources:
- Source NAT pools and destination NAT pools
- IP addresses in source NAT pools with and without port address translation
- Rules for source, destination, and static NAT
- Persistent NAT bindings
- IP addresses that support port overloading
From a user logical system, the user logical system administrator can use the operational command show system security-profile with a NAT option to view the number of NAT resources allocated to the user logical system.
 | Note: The master administrator can configure a security profile for the master logical system that specifies the maximum and reserved numbers of NAT resources applied to the master logical system. The number of resources configured in the master logical system count toward the maximum number of NAT resources available on the device. |
From a user logical system, the user logical system administrator can use the show security nat command to view the information about NAT for the user logical system. From the master logical system, the master administrator can use the same command to view information for the master logical system, a specific user logical system, or all logical systems.
Related Documentation
- J Series
- NAT Overview in
the Junos OS Security Configuration Guide
- SRX Series
- Example: Configuring Network Address Translation for a User Logical System
- User Logical System Configuration Overview
- Understanding Logical Systems Security Profiles
- NAT Overview in
the Junos OS Security Configuration Guide
- Additional Information
- Junos OS Feature Support Reference for SRX Series and J Series Devices
- NAT Overview in
the Junos OS Security Configuration Guide
