Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Static Destination NAT

Configuring Static Destination Address Translation in IPv4 Networks

To use destination address translation, the size of the pool address space must be greater than or equal to the destination address space. You must specify a name for the destination-pool statement, which can contain multiple addresses, ranges, or prefixes, as long as the number of NAT addresses in the pool is larger than the number of destination addresses in the from statement.

To configure destination address translation in IPv4 networks:

  1. In configuration mode, go to the [edit services] hierarchy level.
  2. Configure the service set and the NAT rule.

    In the following example, the name of the service set is s1 and the name of the NAT rule is rule-dnat44.

  3. Go to the [interface-service] hierarchy level of the service set.
  4. Configure the service interface. 

    In the following example, the name of the service interface is ms-0/1/0.

    Note:

    If the service interface is not present in the router, or the specified interface is not functional, the following command can result in an error.

  5. Go to the [edit services nat] hierarchy level. Issue the following command from the top of the services hierarchy, or use the top keyword.
  6. Configure the NAT pool with an address.

    In the following example, dest-pool is used as the pool name and 4.1.1.2 as the address. 

  7. Configure the rule, match direction, term, and destination address.

    In the following example, the name of the rule is rule-dnat44, the match direction is input, the name of the term is t1, and the address is 20.20.20.20.

  8. Go to the [edit services nat rule rule-dnat44 term t1] hierarchy level.
  9. Configure the destination pool and the translation type.

    In the following example, the destination pool name is dest-pool, and the translation type is dnat-44.

  10. Go to the [edit services adaptive-services-pics] hierarchy level. In the following command, the top keyword ensures that the command is run from the top of the hierarchy. 
  11. Configure the trace options.

    In the following example, the tracing parameter is configured as all.

  12. Verify the configuration by using the show command at the [edit services] hierarchy level.

The following example configures the translation type as dnat-44.

In the following configuration, term1 configures source address translation for traffic from any private address to any public address. The translation is applied for all services. term2 performs destination address translation for Hypertext Transfer Protocol (HTTP) traffic from any public address to the server’s virtual IP address. The virtual server IP address is translated to an internal IP address.

The following configuration performs NAT using the destination prefix 20.20.10.0/32 without defining a pool.

See Also