In an actual Juniper firewall deployment, there are three main modes to choose from. Transparent mode for layer protocols.

2.1. NAT mode

When the Juniper firewall ingress interface (the "intranet port") is in NAT mode, the firewall translates two components of IP packets bound for the Untrust zone (the external or public network): the source IP address and the source port number. The firewall replaces the source IP address of the originating host with the IP address of its interface in the Untrust zone, and replaces the source port number with an arbitrary port number generated by the firewall.

NAT mode is used in environments with the following characteristics:

① Registered IP addresses (public network IP addresses) are in short supply;
② The internal network uses many non-registered IP addresses (private network IP addresses) and needs to access the Internet legitimately;
③ Servers in the internal network are required to provide services to the outside world.

2.2. Route mode

Three deployment modes and basic configuration of Juniper firewall.pdf
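The translation described in section 2.1, modelled as an added example (not code from the original document or from Juniper): the source IP and source port are rewritten on the way out, and the session table is the only record that ties the public address and port back to an inside host. The class and method names, the sequential port allocation and all addresses are assumptions made for illustration.

```python
import itertools
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatModeFirewall:
    """Toy model of NAT mode as section 2.1 describes it (not Juniper code)."""

    def __init__(self, untrust_ip, first_port=1024):
        self.untrust_ip = untrust_ip
        # Assumption: ports are handed out sequentially so results are repeatable;
        # the page only says the firewall generates an arbitrary port.
        self._ports = itertools.count(first_port)
        self._by_flow = {}   # original flow -> translated packet
        self.sessions = {}   # (nat_port, remote_ip, remote_port) -> inside host

    def outbound(self, pkt):
        """Trust -> Untrust: rewrite source IP and source port."""
        if pkt not in self._by_flow:
            nat_port = next(self._ports)
            self.sessions[(nat_port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
            self._by_flow[pkt] = Packet(self.untrust_ip, nat_port, pkt.dst_ip, pkt.dst_port)
        return self._by_flow[pkt]

    def inbound(self, pkt):
        """Untrust -> Trust: restore the inside host only for a known session."""
        inside = self.sessions.get((pkt.dst_port, pkt.src_ip, pkt.src_port))
        if pkt.dst_ip != self.untrust_ip or inside is None:
            return None  # no matching session, nothing to translate back to
        return Packet(pkt.src_ip, pkt.src_port, inside[0], inside[1])

    def attribute(self, nat_port, remote_ip, remote_port):
        """Map what a remote log saw (public IP:port) back to the inside host."""
        return self.sessions.get((nat_port, remote_ip, remote_port))


if __name__ == "__main__":
    fw = NatModeFirewall("203.0.113.1")  # constructed addresses
    out = fw.outbound(Packet("10.1.1.5", 40000, "198.51.100.7", 443))
    print(out)
    print(fw.attribute(out.src_port, "198.51.100.7", 443))
```

Because every inside host leaves with the same source IP, an external report that names only the public address cannot be attributed without the port and the matching session record.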