The below is the format I tend to use when applying a port forward to a Juniper SRX:
set security nat destination pool PORT-FORWARD1 address 10.0.0.1/32
set security nat destination pool PORT-FORWARD1 address port 80
set security nat destination rule-set RS1 rule r1 match destination-address 1.2.3.4/32
set security nat destination rule-set RS1 rule r1 match destination-port 8080
set security nat destination rule-set RS1 rule r1 then destination-nat pool PORT-FORWARD1
And then finally a permit for inbound on the WAN interface. I'm just wondering if there is a more efficient way of applying a port forward?
It's not too bad for one but when you are applying lots of port forwards it add's a lot of configuration to the Juniper.
Thanks
No comments:
Post a Comment