Static Nat with Proxy ARP Juniper

/ February 17th, 2011/ Posted in Networking / No Comments »

Problem:

When pinging/connecting to external NAT address, IP of the firewall/router was being returned.

Solution:

Configure a static nat with proxy arp

ssh into firewall

config shared
set security nat static rule-set MIPs rule VCD01XZZZ-BBB match destination-address 151.1xx.xx.210 (external)
set security nat static rule-set MIPs rule VCD01XZZZ-BBB then static-nat prefix 10.xxx.103.xxx (internal)
set security nat proxy-arp interface reth1.0 address 151.1xx.xx.210 (external)
set security zones security-zone trust address-book address VCD01XZZZ-BBB 10.xx.103.xxx (internal)
commit

 add to a policy via web config to save time.


Tags: ,

Leave a Reply

Name required

Please Submit Answer * Time limit is exhausted. Please reload CAPTCHA.