温馨提示×

温馨提示×

您好,登录后才能下订单哦!

密码登录×
登录注册×
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》

Juniper NetScreen 基于源NAT转换

发布时间:2020-06-19 03:23:42 来源:网络 阅读:763 作者:vbs5210 栏目:安全技术

1.NAT-Src with PAT Enabled


CLI:

set int eth2 zone trust

set int eth2 ip 10.1.1.1/24

set int eth2 nat

set int eth4 zone untrust

set int eth4 ip 1.1.1.1/24

set int eth4 route

set int eth4 dip 5 1.1.1.30 1.1.1.30

set policy from trust to untrust any any any nat src dip-id 5 permit log


2.NAT-Src with PAT Disabled


CLI:

set int eth2 zone trust

set int eth2 ip 10.1.1.1/24

set int eth2 nat

set int eth4 zone untrust

set int eth4 ip 1.1.1.1/24

set int eth4 route

set int eth4 dip 6 1.1.1.50 1.1.1.150 fix-port

set policy from trust to untrust any any any nat src dip-ip 6 permit log


3.NAT-Src with Address Shifting


CLI:

set int eth2 zone trust

set int eth2 ip 10.1.1.1/24

set int eth2 nat

set int eth4 zone untrust

set int eth4 ip 1.1.1.1/24

set int eth4 ip route

set int eth4 dip 10 shift-from 10.1.1.11 to 1.1.1.101 1.1.1.105

set address trust host1 10.1.1.11/32

set address trust host2 10.1.1.12/32

set address trust host3 10.1.1.13/32

set address trust host4 10.1.1.14/32

set address trust host5 10.1.1.15/32

set group address trust group1 add host1

set group address trust group1 add host2

set group address trust group1 add host3

set group address trust group1 add host4

set group address trust group1 add host5

set policy from trust to untrust group1 any any nat src dip-id 10 permit log


3.NAT-Src Without DIP


CLI :

set int eth2 zone trust

set int eth2 ip 10.1.1.1/24

set int eth2 nat

set int eth4 zone untrust

set int eth4 ip 1.1.1.1/24

set int eth4 route

set policy from trust to untrust any any any nat src  permit log

向AI问一下细节

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

AI