Sunday, June 3, 2018

mosh through Juniper SRX

Has anyone gotten mosh to work through a Juniper SRX? I’ve been unable to make it work. I did have it working through a FortiGate firewall, but since the FortiGate won’t do a reliable VPN with my SRX at home (HMAC errors when traffic gets even remotely large) I’ve had to revert to the SRX at the DC.

Here are the relevant pieces that I think should work:

set security nat destination pool udp-60000 address 10.254.1.130/32
set security nat destination pool udp-60000 address port 60000
set security nat destination rule-set incoming-traffic rule udp-60000 match destination-address 139.60.169.32/32
set security nat destination rule-set incoming-traffic rule udp-60000 match destination-port 60000
set security nat destination rule-set incoming-traffic rule udp-60000 match protocol udp
set security nat destination rule-set incoming-traffic rule udp-60000 then destination-nat pool udp-60000
set security policies from-zone untrust to-zone internal policy 60000 match source-address any
set security policies from-zone untrust to-zone internal policy 60000 match destination-address 10.254.1.10/32
set security policies from-zone untrust to-zone internal policy 60000 match application udp-60000
set security policies from-zone untrust to-zone internal policy 60000 then permit
set applications application udp-60000 protocol udp
set applications application udp-60000 destination-port 60000
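A consistency check for a destination-NAT configuration like the one above, as an added example (not the author's code): Junos applies destination NAT before the security-policy lookup, so the permit policy has to match the translated address and port taken from the NAT pool. The parser only understands the statement forms that appear in the post and assumes policies name literal prefixes or `any`.

```python
import ipaddress

# The set commands from the post, one per line.
CONFIG = """\
set security nat destination pool udp-60000 address 10.254.1.130/32
set security nat destination pool udp-60000 address port 60000
set security nat destination rule-set incoming-traffic rule udp-60000 match destination-address 139.60.169.32/32
set security nat destination rule-set incoming-traffic rule udp-60000 match destination-port 60000
set security nat destination rule-set incoming-traffic rule udp-60000 match protocol udp
set security nat destination rule-set incoming-traffic rule udp-60000 then destination-nat pool udp-60000
set security policies from-zone untrust to-zone internal policy 60000 match source-address any
set security policies from-zone untrust to-zone internal policy 60000 match destination-address 10.254.1.10/32
set security policies from-zone untrust to-zone internal policy 60000 match application udp-60000
set security policies from-zone untrust to-zone internal policy 60000 then permit
set applications application udp-60000 protocol udp
set applications application udp-60000 destination-port 60000
"""

def parse(config):
    """Collect DNAT pools, DNAT rule->pool bindings, policy matches and app ports."""
    pools, rules, policies, apps = {}, {}, {}, {}
    for line in config.splitlines():
        t = line.split()
        if t[:5] == ["set", "security", "nat", "destination", "pool"]:
            key = "port" if t[7] == "port" else "address"
            pools.setdefault(t[5], {})[key] = t[-1]
        elif t[:5] == ["set", "security", "nat", "destination", "rule-set"] and t[-3:-1] == ["destination-nat", "pool"]:
            rules[t[7]] = t[-1]
        elif t[:3] == ["set", "security", "policies"] and t[9] == "match":
            policies.setdefault(t[8], {})[t[10]] = t[11]
        elif t[:3] == ["set", "applications", "application"] and t[4] == "destination-port":
            apps[t[3]] = int(t[5])
    return pools, rules, policies, apps

def check(config):
    """Return one finding per DNAT rule whose translated traffic no policy matches."""
    pools, rules, policies, apps = parse(config)
    findings = []
    for rule, pool_name in rules.items():
        addr = ipaddress.ip_network(pools[pool_name]["address"])
        port = int(pools[pool_name]["port"])
        matched = any(
            (m["destination-address"] == "any"
             or addr.subnet_of(ipaddress.ip_network(m["destination-address"])))
            and apps.get(m.get("application")) == port
            for m in policies.values())
        if not matched:
            findings.append(f"rule {rule}: no policy matches translated {addr} port {port}")
    return findings
```

Run against the configuration as posted, `check(CONFIG)` reports that no policy matches the pool address 10.254.1.130/32, because the policy's destination-address is 10.254.1.10/32.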

