Source Configuration Page Options

  1. Select Configure>NAT>Source in the J-Web user interface.

    The Source NAT page appears. Table 34 explains the contents of this page.

  2. Click one:
    • Global Settings—Defines general specifications for source NAT. Enter information as specified in Table 35.
    • Add—Adds a new or duplicate source NAT configuration. Enter information as specified in Table 36.
    • Edit—Edits the selected source NAT configuration.
    • Delete—Deletes the selected source NAT configuration.
    • Launch Wizard— Launches the NAT wizard with source NAT as the default NAT type.

      The Launch Wizard option is not supported on high-end SRX Series devices.

  3. Click one:
    • OK—Saves the configuration and returns to the main configuration page.
    • Commit Options>Commit—Commits the configuration and returns to the main configuration page.
    • Cancel—Cancels your entries and returns to the main configuration page.

Table 34: Source NAT Configuration Page

Field

Function

Source NAT Rule Set

From

Displays the source NAT sort options from which the packets flow.

The following options are available:

  • Routing Instance
  • Zone
  • Interface

To

Displays the source NAT sort options to which the packets flow.

The options available are:

  • Routing Instance
  • Zone
  • Interface

Filter

Displays the filter option.

Name

Displays the name of the source NAT rule set.

From

Displays the name of the routing instance/zone/interface from which the packets flow.

To

Displays the name of the routing instance/zone/interface to which the packets flow.

Rule

Displays the name of the rule in the selected source NAT rule set.

Description

Displays a description of the source NAT rule set.

Rules in Selected Rule-Set

Rule Name

Displays the name of the rule in the selected source NAT rule set.

Source Addresses

Displays the match source address.

Source Ports

Displays the match source ports.

Destination Addresses

Displays the match destination address.

Destination Port

Displays the match destination port.

IP Protocol

Displays the match IP protocol.

Action

Displays the action of the rule.

Persistent

Displays the persistent NAT address in the source NAT pool

Upper Threshold

Displays the upper threshold at which an SNMP trap is triggered.

Lower Threshold

Displays the lower threshold at which an SNMP trap is triggered.

Description

Displays a description of the rule.

Source NAT Pool

Name

Displays the name of the source NAT pool.

Address

Displays the IP address of the source NAT pool.

Port

Displays the port address of the source NAT pool.

Description

Displays a description of the source NAT pool.

Upper Threshold

Displays the upper threshold at which an SNMP trap is triggered.

Lower Threshold

Displays the lower threshold at which an SNMP trap is triggered.

Table 35: Source NAT Global Setting Configuration Page

Field

Function

Action

Global Settings

Address Persistent

Enables the use of an IP address from a source pool to a host for multiple concurrent sessions that require the same source IP address for each session.

Select the check box to the enable address persistence.

Port randomization

Specifies source NAT port randomization.

Select the check box to enable port randomization.

Pool Utilization Alarm

Clear Threshold

Specifies clear to clear the threshold for pool utilization.

Enter a threshold value ranging from 40 through 100.

Raise Threshold

Specifies raise to raise the threshold for pool utilization.

Enter a threshold value ranging from 50 through 100.

Interface Port-Overloading

On/Off

Note: This option is not applicable for logical systems.

Specifies whether interface port overloading is enabled or disabled.

Select a radio button to enable or disable port overloading.

Factor

Specifies the port overloading capacity for the source NAT interface.

Enter a number ranging from 1 through the maximum port capacity.

Table 36: Add Source NAT Configuration Details

Field Function Action
Add Rule Set

Rule Set Name

Specifies the name of the rule set.

Enter the rule set name.

Rule Set Description

Specifies a description for the rule set.

Enter a description for the rule set.

From/To

Specifies the filter option. The following options are available:

  • Routing Instance
  • Zone
  • Interface

Select an option.

Select the source routing instances/zones/interfaces in the Available column, and the use the right arrow to move them to the Selected column.

Select the destination routing instances/zones/interfaces in the Available column, and the use the right arrow to move them to the Selected column.

Add Rule

Rule Name

Specifies the name of the rule.

Enter the rule name.

Rule Description

Specifies a description for the rule.

Enter a description for the rule.

Match
Source

Available Address

Specifies the available source IP addresses.

Search for and select the source addresses in the Available column, and then use the right arrow to move them to the Selected column.

Selected

Specifies the selected source IP addresses.

Optionally, enter a source address in the New text box and then click Add to add it to the list of IP addresses.

Ports

Specifies a single port or a port range.

Enter a single port value or a range from low to high (for example, 5-10), not to exceed 8, then click Add.

IP Protocol

Specifies the IP protocol.

Enter the protocol name in the New text box, and then click Add.

Destination

Available Address

Specifies the available destination IP addresses.

Search for and select the destination addresses in the Available column, and then use the right arrow to move them to the Selected column.

Selected

Specifies the selected destination IP addresses.

Optionally, enter a destination address in the New text box and then click Add to add it to the list of IP addresses.

Port

Specifies the destination port options. The following options are available:

  • Any
  • Port
  • Port Range

Select an option.

Action

Specifies the action to be taken. The options available are:

  • No Source NAT
  • Do Source NAT with Egress Interface Address—The egress interface’s IP address is used to perform source NAT.
  • Do Source NAT with Pool—The user-defined address pool is used to perform source NAT.

Select an option.

Persistent

Specifies the persistent NAT address in the source NAT pool.

Select the check box to enable the following fields:

  • Permit—Select to permit persistent NAT.
  • Inactivity Timeout—Enter the amount of time, in seconds, that the persistent NAT binding remains in the device’s memory when all the sessions of the binding entry are gone. When the configured timeout is reached, the binding is removed from memory.
  • Max Session Number—Enter the maximum number of sessions with which a persistent NAT binding can be associated.
Utilization Alarm

Upper Threshold

Specifies that an SNMP trap is triggered when the session count for the specific rule falls below the high threshold.

Enter a session number.

Lower Threshold

Specifies that an SNMP trap is triggered when the session count for the specific rule falls below the low threshold.

Enter a session number.

Add Source NAT Pool

Pool Name

Specifies the name of the source NAT pool.

Enter the source NAT pool name.

Pool Description

Specifies a description for the source NAT pool.

Enter a description for the source NAT pool.

Routing Instance

Specifies the available routing instances.

Select an option.

Pool Address Family

Specifies the source NAT pool address family.

Select an option.

Pool Addresses

Specifies the source NAT pool addresses.

Enter the address range in the Address/Range text boxes. Click Add to add the address range to the Addresses column.

Port Translation

Specifies the port translation options. The following options are available:

  • No Translation
  • Translation with Default Port Range (1024 through 65535)
  • Translation with Specified Port Range
  • Translation with Port Overloading Factor

Select an option.

Address Assignment

Specifies the type of address assignment. The following options are available:

  • Enable Address Shared—Specifies that multiple internal IP addresses can be mapped to the same external IP address. Used only when the source NAT pool is configured without port translation.
  • Enable Address Pooling—Specifies the type of address pooling:
    • paired—Used in a source pool without port translation for applications that require all sessions associated with one internal IP address to be translated to the same external IP address for the duration of a session .
    • no-paired—Used in a source pool with port translation for applications that can be can be assigned IP addresses in a round-robin fashion .

Select an option.

Utilization Alarm

Specifies the utilization alarm thresholds for a specific source pool. When pool utilization exceeds the high threshold or falls below the low threshold, an SNMP trap is triggered. The following options are available:

  • Upper Threshold (%)—Upper threshold at which an SNMP trap is triggered.
  • Lower Threshold (%)—Lower threshold at which an SNMP trap is triggered.

Enter the high and low threshold values.

Related Documentation