TypeScript 接口继承的具体使用
473
2022-09-11
juniper SRX 地址端口映射设置(juniper认证)
juniper SRX 地址端口映射设置(juniper认证)
需求说明:外网IP:123.123.123.123:22222 映射 内网 10.100.200.22:22
定义内网地址池(ssh-22)和端口号
set security nat destination pool ssh-22 address 10.100.200.22/32set security nat destination pool ssh-22 address port 22
定义外网地址端口
edit security nat destination #进入nat destination 编辑界面set rule-set u-t0-t from zone untrust #设置 u-to-t 流量从那个区域进入set rule-set u-t0-t rule ssh22 match source-address 0.0.0.0/0 #原地址set rule-set u-to-t rule ssh22 match destination-address 123.123.123.123/32 #目标地址set rule-set u-to-t rule ssh22 match destination-port 22222 #对外开放端口set rule-set u-to-t rule ssh22 match protocol tcp #使用协义set rule-set u-to-t rule ssh22 then destination-nat pool ssh-22 #转换到那个地址池exit(退出 nat destination 编辑界面)
定义内网协议端口
set applications application tcp-22 protocol tcpset applications application tcp-22 destination-port 22
定义内网地址
set security zones security-zone trust address-book address ssh22 10.100.200.22
定义策略
edit security policies from-zone untrust to-zone trustset policy linux-ssh22 match source-address anyset policy linux-ssh22 match destination-address ssh22 #address-book 地址set policy linux-ssh22 match application tcp-22 #设置为内网真实端口set policy linux-ssh22 match application junios-sshset policy linux-ssh22 then permit
版权声明:本文内容由网络用户投稿,版权归原作者所有,本站不拥有其著作权,亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容,请联系我们jiasou666@gmail.com 处理,核实后本网站将在24小时内删除侵权内容。
相关文章
发表评论
暂时没有评论,来抢沙发吧~