We now have a basic routing configuration between VRs. The next thing we need to look at is the configuration so hosts can NAT via the VRs.
root@host# set security nat source rule-set Source_NAT from routing-instance Trust-VR
root@host# set security nat source rule-set Source_NAT to routing-instance Untrust-VR
root@host# set security nat source rule-set Source_NAT rule Source_NAT_Rule1 match source-address 172.16.201.0/24 destination-address 0.0.0.0/0
root@host# set security nat source rule-set Source_NAT rule Source_NAT_Rule1 then source-nat interface
No comments:
Post a Comment