2022. 6. 24. 13:12 WorkHolic
주니퍼 SRX 포트포워딩 수정
728x90
반응형
기존에 주니퍼 외부 아이피의 80, 443 포트를 내부 서버로 포트포워딩 하고 있었다.
[edit]
root@SRX340# show security nat destination
pool 192_168_2_2_443 {
address 192.168.2.2/32 port 443;
}
pool 192_168_2_2_80 {
address 192.168.2.2/32 port 80;
}
rule-set nsw_destnat {
from zone Internet;
rule 0_Web_Server--DMZ_443 {
match {
source-address 0.0.0.0/0;
destination-address 0.0.0.0/0;
destination-port {
443;
}
}
then {
destination-nat {
pool {
192_168_2_2_443;
}
}
}
}
rule 0_Web_Server--DMZ_80 {
match {
source-address 0.0.0.0/0;
destination-address 0.0.0.0/0;
destination-port {
80;
}
}
then {
destination-nat {
pool {
192_168_2_2_80;
}
}
}
}
}
이것을
80->81
443-> 444
로 변경하였다.
방법을 얘기하자면 변경하려고 하는 포트를 set 명령으로 추가하고 기존 포트를 delete 명령으로 삭제해 주면된다.
root@SRX340> edit
Entering configuration mode
The configuration has been changed but not committed
root@SRX340> configure
Entering configuration mode
The configuration has been changed but not committed
root@SRX340# edit security nat destination
root@SRX340# set rule-set nsw_destnat rule 0_Web_Server--DMZ_443 match destination-port 444
[edit security nat destination]
root@SRX340# delete rule-set nsw_destnat rule 0_Web_Server--DMZ_443 match destination-port 443
[edit security nat destination]
root@SRX340# set rule-set nsw_destnat rule 0_Web_Server--DMZ_80 match destination-port 81
[edit security nat destination]
root@SRX340# delete rule-set nsw_destnat rule 0_Web_Server--DMZ_80 match destination-port 80
[edit security nat destination]
root@SRX340# commit check
configuration check succeeds
[edit security nat destination]
root@SRX340# commit
commit complete
[edit security nat destination]
root@SRX340# exit
#주니퍼 #포트포워딩 #환경설정수정 #Juniper #PortForwarding #SRX340
728x90
SMALL
'WorkHolic' 카테고리의 다른 글
| [리눅스] ls로 디렉토리 목록만 보는 몇가지 방법 (0) | 2022.07.12 |
|---|---|
| ESXi 7.0 VMFSL 파티션 용량 문제 (0) | 2022.06.24 |
| 주니퍼 SRX 관리페이지(J-Web) 접속 문제 (0) | 2022.06.24 |
| Juniper SRX DHCP 재설정 (0) | 2022.06.14 |
| HP DL380p Gen8 iLO4 firmware update (Linux) (0) | 2022.04.28 |
