Many-to-many destination translation



  • Hi,

    This is the first netscreen (ns25) i have to configure, so I’m a newbie.

    This is what I would like to do:

    Translate the complete range of public ip addresses to corresponding private ip addresses.

    e.g. 82.x.x.1 – 192.168.10.1
    e.g. 82.x.x.2 – 192.168.10.2

    e.g. 82.x.x.253 – 192.168.10.253
    e.g. 82.x.x.254 – 192.168.10.254

    I read the manual about mip, vip and nat-dst translation.
    The mip does work but has a max of 200 mappings and is a lot of work.

    I figured a many to many destination translation should do the trick but I can’t seem to get it working.

    To keep things simple i made a script using one-to-one translation.
    But that doesn’t seem to work either.

    I made fresh config using:
    Interface1 private: 192.168.10.0/24
    Interface3 public: 82.x.x.0/24

    Set route 82.x.x.51 255.255.255.0 interface ethernet1
    Set address trust webserver 82.x.x.51/32
    Set policy id 5 from untrust to trust an webserver any nat dst ip 192.168.10.51 permit

    I greatly appreciate and look forward to any insight anyone can provide.


 

50
Online

38.4k
Users

12.7k
Topics

44.5k
Posts