Understanding Static NAT Rules

Static NAT rules specify two layers of match conditions:

• Traffic direction—Allows you to specify from interface, from zone, or from routing-instance.
• Packet information—Destination IP address.

If multiple static NAT rules overlap in the match conditions, the most specific rule is chosen. For example, if rules A and B specify the same source and destination IP addresses, but rule A specifies traffic from zone 1 and rule B specifies traffic from interface ge-0/0/0, rule B is used to perform static NAT. An interface match is considered to be more specific than a zone match, which is more specific than a routing instance match.

For the static NAT rule action, specify the translated address and (optionally) the routing instance.

In NAT lookup, static NAT rules take precedence over destination NAT rules and reverse mapping of static NAT rules takes precedence over source NAT rules.

Related Topics

• Junos OS Feature Support Reference for SRX Series and J Series Devices
• Understanding Static NAT
• Static NAT Configuration Overview
• Example: Configuring Static NAT for Single Address Translation
• Example: Configuring Static NAT for Subnet Translation
• Understanding NAT Rule Sets and Rules