溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊(cè)×
其他方式登錄
點(diǎn)擊 登錄注冊(cè) 即表示同意《億速云用戶服務(wù)條款》

juniper SRX 地址映射

發(fā)布時(shí)間:2020-08-03 01:04:00 來(lái)源:網(wǎng)絡(luò) 閱讀:709 作者:z89177519 欄目:安全技術(shù)

需求說(shuō)明:公網(wǎng)122.93.43.X:16927 映射 內(nèi)網(wǎng) 10.100.124.200:80

定義內(nèi)網(wǎng)地址
set security nat destination pool srv200-80 address 10.100.124.200/32
定義內(nèi)網(wǎng)端口號(hào)
set security nat destination pool srv200-80 address port 80
定義公網(wǎng)地址+端口
edit security nat destination
set rule-set untrust-trust-set rule un122-srv200-443 match source-address 0.0.0.0/0
set rule-set untrust-trust-set rule un122-srv200-443 match destination-address 122.93.43.X/32
set rule-set untrust-trust-set rule un122-srv200-443 match destination-port 16927 ##公網(wǎng)端口
set rule-set untrust-trust-set rule un122-srv200-443 match protocol tcp
set rule-set untrust-trust-set rule un122-srv200-443 then destination-nat pool srv200-80

定義內(nèi)網(wǎng)協(xié)議+端口

set applications application tcp-80 protocol tcp
set applications application tcp-80 destination-port 80

定義內(nèi)網(wǎng)地址

set security zones security-zone trust address-book address srv200 10.100.124.200

定義策略
edit security policies from-zone untrust to-zone trust
set policy utot-srv11-3389 match source-address any
set policy utot-srv11-3389 match destination-address srv200
set policy utot-srv11-3389 match application tcp-80 ###### 定義內(nèi)網(wǎng)真實(shí)端口####
set policy utot-srv11-3389 match application junios-http
set policy utot-srv11-3389 then permit

向AI問(wèn)一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI