Hi Spukla & community,
Sorry for Jumping in the middle.
This is my first participation in the form for 2 reasons : 1) resolve issue with my firewall config 2) preparing for JNCIA test.
I would like to set correct additional syntacs in my NAT policies for the below senario:
1)I have 3 servers with static IP 172.x.x.101/102/103 inmy trust Zone
2)Those servers have to be remoted from untrust zone under Wan IP 201.x.x.x and from PC S range IPs 10.x.x.10 to 250 & 192.x.x.10 to 250
I tried as below with error in the console terminal :
set security address-book UNTRUST-Book address-set Fujitsu-Server address 201.x.x.x/32
set security nat destination pool Fujitsu-Server-Pool address 172.x.x.101/32
set security nat destination rule-set rs1 rule r1 match destination-address 0.0.0.0/0
set security nat destination rule-set rs1 rule r1 then destination-nat pool Fujitsu-Server-Pool
set security zones security-zone Fujitsu-Server address-book address Server-HTTP-1 172..x.x.101
set security zones security-zone Fujitsu-Server address-book address Server-HTTP-2 172..x.x.102
set security zones security-zone Fujitsu-Server address-book address Server-HTTP-3 172..x.x.103
set security policies from-zone untrust to-zone Fujitsu-Server policy server-access match source-address 192.x.x..10 to 192.x.x.250
set security policies from-zone untrust to-zone Fujitsu-Server policy server-access match source-address 10.x.x..10 to 10.x.x.250
set security policies from-zone untrust to-zone Fujitsu-Server policy server-access match destination-address Server-HTTP-1 Server-HTTP-2 Server-HTTP-3
set security policies from-zone untrust to-zone Fujitsu-Server policy server-access match application junos-http
set security policies from-zone untrust to-zone Fujitsu-Server policy server-access then permit
Thank you in advance for help