rule-set (Security Static NAT)
Syntax
rule-set rule-set-name {
description text;
from {
interface [interface-name];
routing-group [routing-group-name]];
routing-instance [routing-instance-name];
zone [zone-name];
}
rule rule-name {
description text;
match {
(destination-address ip-address | destination-address-name address-name);
destination-port (port | low to high);
source-address ip-address;
source-address-name address-name;
source-port (port or low <to high>);
}
then {
static-nat {
inet {
routing-instance (default | routing-instance-name);
}
prefix {
address-prefix;
mapped-port lower-port-range to upper-port-range;
routing-instance (default | routing-instance-name);
}
prefix-name {
address-prefix-name;
mapped-port lower-port-range to upper-port-range;
routing-instance (default | routing-instance-name);
}
rule-session-count-alarm (raise-threshold value | clear-threshold value);
}
}
}
}
Hierarchy Level
[edit security nat static]
Description
Configure a set of rules for static NAT.
Options
| rule-set-name | Name of the rule set. |
| description | Description of the rule set. |
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement modified in Junos OS Release 9.6. The description
option added in Junos OS Release 12.1. The
rule-session-count-alarm, source-address,
source-address-name, and source-port options
added in Junos OS Release 12.1X45-D10.
The routing-group option is added in Junos OS Release 22.2R1.