Juniper EX Series
 Introduction
 How To

<< >>
 How to Configure DESTINATION NAT in MX-Series  Router

JUNIPER DNAT-MX-SERIES

Synopsis

This article will provide the example to configure the DNAT in Juniper MX-Series Router. In this example , We have used the Public IP Subnet 20.20.20.0/24 , Internal Network 10.10.10.0/24 and Server Network (which is placed in internal Network) 192.168.1.0/24. Our purpose of this example is to do the Destination NAT (i.e. Static NAT) where the server (192.168.1.10) would be accessible from public IP 20.20.20.10

Outside Network ----------MX-Series-Router -------------Internal Network

Configurations Steps:

 1) Login the device

login: username
password: 

 2) Once you will login the switch , You will be enter in Operational mode

>

 3) Go to Configuration mode from operational mode

>configure 

 4) Configure the WAN interfaces in Router (i.e Connectivity of Outside Network)

 #  set interfaces ge-0/0/0 unit 0 family inet address 20.20.20.1/24

5) Configure the LAN interfaces in Router (i.e Connectivity of Internal Network)

#  set interfaces ge-0/0/1 unit 0 family inet address 10.10.10.1/24

6) Configure the service interface

# set interfaces ms-1/1/0 unit 1 family inet

# set interfaces ms-1/1/0 unit 1 service-domain inside

# set interfaces ms-1/1/0 unit 2 family inet

# set interfaces ms-1/1/0 unit 2 service-domain outside

7) Configure Routing Instance for internal Network

# set routing-instances Inside-Network instance-type virtual-router

# set routing-instances Inside-Network interface ge-0/0/1.0

# set routing-instances Inside-Network interface ms-1/1/0.1

# set routing-instances Inside-Network routing-options static route 192.168.1.0/24 next-hop 10.10.10..2

# set routing-instances Inside-Network routing-options static route 0.0.0.0/0 next-hop ms-1/1/0.1

8) Configure Routing Instance for Outside Network

# set routing-instances Outside-Network instance-type virtual-router

# set routing-instances Outside-Network ms-1/1/0.2

# set routing-instances Outside-Network ge-0/0/0.0

# set routing-instances  Outside-Network routing-options static route 0.0.0.0/24 next-hop 20.20.20.2 

9) Enable Inline Service

# set chassis fpc 1 pic 1inline-services bandwidth 1g

10) . Configure the NAT Rule

# set services nat rule DNAT-Rule match-direction output

# set services nat rule DNAT-Rule term 1 from destination-address 20.20.20.10/32

# set services nat rule DNAT-Rule term 1 then translated destination-prefix 192.168.1.10/32

# set services nat rule DNAT-Rule term 1 then translated translation-type dnat-44

11) .Configure service and service-set for NAT

# set services service-set DNAT-Service-Set nat-rules DNAT-Rule

# set services service-set DNAT-Service-Set next-hop-service inside-service-interface ms-1/1/0.1

# set services service-set DNAT-Service-Set next-hop-service outside-service-interface ms-1/1/0.2

12) . Configure Routing option

# set routing-options static route 0.0.0.0/0 next-hop 20.20.20.2

# set routing-options static route 0.0.0.0/0 next-hop ms-1/1/0.1

13) . Save the Configuration

# commit

<< >>