Hide Navigation Pane
Show Navigation Pane
Feedback
Download
SHA1
permit (Persistent NAT)
Syntax
permit ( any-remote-host | target-host | target-host-port
);
Hierarchy Level
[edit security nat source rule-set ruleset rule rule then source-nat (pool | interface)
persistent-nat ]
Release Information
Statement introduced in Release 9.6 of Junos OS.
Description
Configure persistent NAT mappings.
Options
- any-remote-host—All requests from a specific internal IP address and port are mapped to the same reflexive transport address. (The reflexive transport address is the public IP address and port created by the NAT device closest to the STUN server.) Any external host can send a packet to the internal host by sending the packet to the reflexive transport address.
- target-host—All requests from a specific internal IP address and port are mapped to the same reflexive transport address. An external host can send a packet to an internal host by sending the packet to the reflexive transport address. The internal host must have previously sent a packet to the external host’s IP address.
- target-host-port—All requests from a specific internal IP address and port are mapped to the same reflexive transport address. An external host can send a packet to an internal host by sending the packet to the reflexive transport address. The internal host must have previously sent a packet to the external host’s IP address and port.
Usage Guidelines
For configuration instructions and examples, see the Junos OS Security Configuration Guide.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration
