Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: nsp: juniper

Information about source nat

  

 
nsp juniper RSS feed   Index | Next | Previous | View Threaded


bizzam at gmail

Jul 3, 2012, 5:03 AM

Post #1 of 4 (335 views)
Permalink
Information about source nat
Hi all,
I have an srx cluster with many ip addresses on external interface.
I need to assign an external ip to a specific host/subnet/port.
For example, a server in DMZ must send email using a specific IP.
Which is the best way to do this?
Persistent nat? Nat pool?

Any hints?

Regards
Marco
_______________________________________________
juniper-nsp mailing list juniper-nsp [at] puck
https://puck.nether.net/mailman/listinfo/juniper-nsp


pkc_mls at yahoo

Jul 3, 2012, 7:24 AM

Post #2 of 4 (322 views)
Permalink
Re: Information about source nat [In reply to]
Le 03/07/2012 2:03, bizza a écrit :
> Hi all,
Hi Marco,
> I have an srx cluster with many ip addresses on external interface.
> I need to assign an external ip to a specific host/subnet/port.
> For example, a server in DMZ must send email using a specific IP.
> Which is the best way to do this?
static source nat
> Persistent nat? Nat pool?
>
> Any hints?
edit security nat static
set rule set nat-static1 from zone lan rule rule1 match source-address
myserver;
set rule set nat-static1 from zone lan rule rule1 then static-nat prefix
mypublicip/32;
> Regards
> Marco
>

_______________________________________________
juniper-nsp mailing list juniper-nsp [at] puck
https://puck.nether.net/mailman/listinfo/juniper-nsp


sfouant at shortestpathfirst

Jul 3, 2012, 8:17 AM

Post #3 of 4 (317 views)
Permalink
Re: Information about source nat [In reply to]
It all really depends on a number of factors. Does this host require bidirectional communication, I.e. should it be able to initiate sessions outbound in addition to receiving sessions initiated inbound? If that's the case, static NAT is the way to go.

Sent from my HTC on the Now Network from Sprint!

----- Reply message -----
From: "bizza" <bizzam [at] gmail>
Date: Tue, Jul 3, 2012 8:03 am
Subject: [j-nsp] Information about source nat
To: <juniper-nsp [at] puck>

Hi all,
I have an srx cluster with many ip addresses on external interface.
I need to assign an external ip to a specific host/subnet/port.
For example, a server in DMZ must send email using a specific IP.
Which is the best way to do this?
Persistent nat? Nat pool?

Any hints?

Regards
Marco
_______________________________________________
juniper-nsp mailing list juniper-nsp [at] puck
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp [at] puck
https://puck.nether.net/mailman/listinfo/juniper-nsp


bizzam at gmail

Jul 3, 2012, 2:01 PM

Post #4 of 4 (319 views)
Permalink
Re: Information about source nat [In reply to]
On Tue, Jul 3, 2012 at 5:17 PM, Stefan Fouant
<sfouant [at] shortestpathfirst> wrote:
> It all really depends on a number of factors. Does this host require
> bidirectional communication, I.e. should it be able to initiate sessions
> outbound in addition to receiving sessions initiated inbound? If that's the
> case, static NAT is the way to go.
>

thank you for your replay, and pkc_mls too.
I'll try your suggestion

regards
Marco
_______________________________________________
juniper-nsp mailing list juniper-nsp [at] puck
https://puck.nether.net/mailman/listinfo/juniper-nsp

nsp juniper RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.