CHAPTER 6
Configuring NAT for SRX Series
•
Understanding NAT for SRX Series on page 39
•
Example: Configuring Destination NAT for SRX Series on page 40
Understanding NAT for SRX Series
Network Address Translation (NAT) is a method for modifying or translating network
address information in packet headers. Either of the source and destination addresses
or both addresses in a packet can be translated. NAT can include the translation of IP
addresses as well as port numbers.
The following types of NAT are supported on an SRX Series:
•
Static NAT—Static NAT defines a one-to-one mapping from one IP subnet to another
IP subnet. The mapping includes destination IP address translation in one direction
and source IP address translation in the reverse direction.
Static NAT allows connections to be originated from either side of the network, but
translation is limited to one-to-one or between blocks of addresses of the same size.
•
Destination NAT—Destination NAT is the translation of the destination IP address of
a packet entering the SRX Series. Destination NAT is used to redirect traffic destined
to a virtual host (identified by the original destination IP address) to the real host
(identified by the translated destination IP address).
In general, destination NAT allows connections to be initiated for incoming network
connections—for example, from the Internet to a private network.
•
Source NAT—Source NAT is the translation of the source IP address of a packet leaving
the SRX Series. Source NAT is used to allow hosts with private IP addresses to access
a public network. On the SRX210, source NAT from the trust to the untrust zone is
enabled by default.
In general, source NAT allows connections to be initiated for outgoing network
connections—for example, from a private network to the Internet.
For more information, see the Network Address Translation Feature Guide for Security
Devices.
Related
Documentation
Understanding Factory Default Configuration Settings of an SRX210 on page 7•
39Copyright © 2016, Juniper Networks, Inc.
To Next Page
Loading...
Need help?
General
