Question : How to configure SSG-140 with multiply public IP's on single interface.

Layout:
ISP: WAN block 10.10.50.2/30 gateway 10.10.50.1
ISP: LAN block 10.10.30.2-.6/29 gateway 10.10.30.1

Office:
vlan.1 10.10.11.1
vlan.2 10.10.12.1
vlan.3 10.10.13.1

Policies:
from vlan.1 to untrust any any web(http,https ... )
from vlan.1 to vlan.2 any any any
from vlan.1 to vlan.3 10.10.11.2 10.10.13.1 3000
from vlan.1 to vlan.3 10.10.11.3 10.10.13.1 3000
from vlan.1 to vlan.3 any 10.10.13.2 Email
from vlan.1 to vlan.3 any 10.10.13.2 ssh

from untrust to vlan.2 any 10.10.12.2 4000

from untrust to vlan.3 any 10.10.13.4 4000
from untrust to vlan.3 any 10.10.13.2 Email

Problem is, i am not sure who to configure SSG-140 so i can access from outside 10.10.12.2:4000
i would need to use 10.10.30.2:4000 and to access 10.10.13.4:4000 will need to use 10.10.30.3:4000

Best thing would be if i can have all vlan's with NAT src and NAT dst and with PAT.

Configuring with dip i end up opening ports with vip and using only 10.10.50.2 for access from outside.

Thanks

Answer : How to configure SSG-140 with multiply public IP's on single interface.

Wan block and you set it up with multi-port VIP.

Yes, if you use MIP that is the case, but you can use VIP which allows you to have different destination port.

http://wiki.xdroop.com/space/Juniper/Netscreen/Multi-port+VIP

Just take a look at the above. For configuration;

http://kb.juniper.net/KB12652

This link above should clarify everything.

Cheers,
rsivanandan

Random Solutions

The System Protection Tab is missing in Vista. How can I restore it?

Cannot Open "Room Mailbox" Exchange 2010

SharePoint Wiki

PERL Export to CSV

Hyperlink to an attachment in Outlook

WS-X4448-GB-SFP setting MTU size per interface

restore count on ID number

Asp.net Drop Down List remember last item selected

Recovering a mailbox from backup