juniper srx 系列 (15.1x)如何映射 udp端口
阿新 • • 發佈:2018-08-11
juniper ins 1-1 區域 The 一個 pool 網絡電話服務器 pro 關於juniper srx 系列 (15.1x)如何映射 udp端口
set security nat destination pool 10-6-1-1-1111 routing-instance default
set security nat destination rule-set 001 rule 10-6-1-1-1111 match destination-port 1111
set security nat destination rule-set 001 rule 10-6-1-1-1111 match protocol udp
需求映射網絡電話服務器udp 1111 2222 (舉例)
選擇destination NAT
配置如下 :
定義一個 destination pool
set security nat destination pool 10-6-1-1-1111 routing-instance default
set security nat destination pool 10-6-1-1-1111 address 10.6.1.1/32
set security nat destination pool 10-6-1-1-1111 address port 1111
區域 trust 到untust
set security nat destination rule-set 001 from zone trust
set security nat destination rule-set 001 from zone untrust
set security nat destination rule-set 001 rule 10-6-1-1-1111 then destination-nat pool 10-6-1-1-1111
set security nat destination rule-set 001 rule 10-6-1-1-1111 match destination-address 111.000.222.333/32 (外網出口地址)
set security nat destination rule-set 001 rule 10-6-1-1-1111 match protocol udp
juniper srx 系列 (15.1x)如何映射 udp端口