Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- security {
- nat {
- source {
- rule-set nat-rule {
- from zone trust;
- to zone untrust;
- rule source-nat {
- match {
- source-address 0.0.0.0/0;
- }
- then {
- source-nat {
- interface;
- }
- }
- }
- }
- }
- destination {
- pool A {
- address 192.168.0.20/32 port 22;
- }
- rule-set RS2 {
- from zone untrust;
- rule DA2 {
- match {
- destination-address 213.103.x.x/24;
- destination-port 22;
- }
- then {
- destination-nat pool A;
- }
- }
- }
- }
- }
- zones {
- security-zone trust {
- interfaces {
- vlan.0 {
- host-inbound-traffic {
- system-services {
- all;
- }
- }
- }
- }
- }
- security-zone untrust {
- host-inbound-traffic {
- system-services {
- ssh;
- }
- }
- interfaces {
- fe-0/0/0.0 {
- host-inbound-traffic {
- system-services {
- dhcp;
- }
- }
- }
- }
- }
- }
- policies {
- from-zone trust to-zone untrust {
- policy internet-access {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
