Dear Juniper guys,
In my previous post I had some problems with the public IP port forwarding; it's solved. I have managed to open a couple of ports on just one IP.
But, there is always a but...
It seems that even though I have opened the ports, I can telnet to them through the internal network of the Juniper but not to the outside network.
For example:
If I telnet to 18.104.22.168 "public ip" on port 3389 or 135, which are perfectly bound to the public IP and telnetted to the internal network, it shows open.
If I telnet to those ports from the outside network, they are closed.
Probably it's some small issue; I can't find any solution to it.
Any help with that will be appreciated.
Rules for both NAT and security policy are written specifying the ingress and egress zones. The connections from internal interfaces and from outside the network are likely going to hit at least different security policies, if not also different NAT rules.
This chart shows where the packet processing occurs. The zone selection for traffic takes place before source NAT and after destination NAT occurs to match configured rules.
This KB article shows how to determine what a flow is doing during processing.
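An added example, not part of the original thread or the poster's configuration: a Junos SRX sketch of the zone-based matching described above, where the destination NAT rule-set is bound to the outside zone and the security policy, evaluated after destination NAT, matches the translated internal address. Zone names (`untrust`, `trust`), the interface `ge-0/0/0.0`, all addresses (documentation ranges) and all rule, pool and policy names are assumptions.

```junos
# Constructed values: 203.0.113.10 = public IP, 192.168.1.10 = internal host,
# 198.51.100.0/24 = remote admin network allowed to reach the service.

# Destination NAT is selected by ingress zone, so traffic arriving from
# outside needs a rule-set bound to the outside zone.
set security nat destination pool rdp-host address 192.168.1.10/32 port 3389
set security nat destination rule-set from-untrust from zone untrust
set security nat destination rule-set from-untrust rule rdp match destination-address 203.0.113.10/32
set security nat destination rule-set from-untrust rule rdp match destination-port 3389
set security nat destination rule-set from-untrust rule rdp then destination-nat pool rdp-host

# Needed only when the public IP is not the interface's own address.
set security nat proxy-arp interface ge-0/0/0.0 address 203.0.113.10/32

# Policy lookup happens after destination NAT, so the policy matches the
# internal (translated) address, in the untrust -> trust direction.
set security address-book global address rdp-host 192.168.1.10/32
set security address-book global address admin-net 198.51.100.0/24
set applications application tcp-3389 protocol tcp destination-port 3389
set security policies from-zone untrust to-zone trust policy allow-rdp match source-address admin-net
set security policies from-zone untrust to-zone trust policy allow-rdp match destination-address rdp-host
set security policies from-zone untrust to-zone trust policy allow-rdp match application tcp-3389
set security policies from-zone untrust to-zone trust policy allow-rdp then permit

# Operational-mode checks after commit:
# which policy a flow from outside would hit (post-NAT destination address)
show security match-policies from-zone untrust to-zone trust source-ip 198.51.100.25 destination-ip 192.168.1.10 source-port 40000 destination-port 3389 protocol tcp
# whether the NAT rule is taking translation hits
show security nat destination rule all
# whether a session is actually created for the outside connection
show security flow session destination-port 3389
```

A test from an internal interface enters through a different zone, so it is evaluated against a different policy context and can succeed while the `untrust` path is still unmatched.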