}
}
[edit]
user@srx210-host# show security policies from-zone untrust to-zone DMZ
policy server-access {
match {
source-address any;
destination-address Server-HTTP-1;
application junos-http;
}
then {
permit;
}
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
•
Verify the Destination NAT Rule on page 44
•
Verifying NAT Application to Traffic on page 44
Verify the Destination NAT Rule
Purpose Verify that there is traffic using IP addresses from the destination NAT pool.
Action From operational mode, enter the show security nat destination summary command.
View the translation hits field to check for traffic using IP addresses from the pool.
Total pools: 1
Pool name Address Routing Port Total
Range Instance Address
dst-nat-pool-1 192.168.2.2 - 192.168.2.2 default 0 1
Total rules: 1
Rule name Rule set From Action
r1 rs1 ge-0/0/0.0
dst-nat-pool-1
Meaning Displays a summary of NAT destination pool information.
Verifying NAT Application to Traffic
Purpose Verify that NAT is being applied to the specified traffic.
Action From operational mode, enter the show security flow session command to display
information about all currently active security sessions on the device.
Related
Documentation
• Understanding NAT for SRX Series on page 39
Copyright © 2016, Juniper Networks, Inc.44
Getting Started Guide for Branch SRX Series
To Next Page
Loading...
Need help?
General
