Juniper JUNOS SRX NAT – Static ‘One-to-One’
SRX NAT KB ID 0000995 Problem Setting up ‘Static NAT’ is the process of taking one of your ‘spare’ public IP addresses, and permanently mapping that public IP to a private IP address on your network. In the example above I want to give my web sever which has an internal IP address of 192.168.1.10/24, the public IP address of 1.1.1.5/24. So if someone out on the Internet wants to view my website, they can...
Juniper SRX – ‘The Routing Subsystem Is Not Running’
KB ID 0001045 Problem While trying to deploy Solarwinds to monitor a Juniper SRX failover cluster, we were having no joy connecting to the management interface of the secondary/standby firewall. The management (fxp0) interface on the primary (node0) firewall we could get to OK. ] After jumping on the secondary firewall (via the console connection) we observed the following; error: the routing subsystem is not running Solution As you...
Cisco Routers – Port Forwarding
KB ID 0000533 Problem If you have a server or host that you want to be publicly addressable and only have one public IP address then port forwarding is what you require. Solution Assumptions 1. You have a public IP on the outside of your Router. 2. You are performing NAT from your internal range of IP address to your External IP address. To Make Sure 1. Run the following command: PetesRouter#show run | include ip nat inside You...
Cisco Simple GRE Tunnels (With IPSEC)
KB ID 0000951 Problem I’ve spent years setting up VPN tunnels between firewalls. The only time I’ve ever dealt with GRE is for letting VPN client software though firewalls. GRE’s job is to ‘encapsulate’ other protocols and transport those protocols inside a virtual point to point link. Below is the topology, I’m going to use. The tunnel will run form Router R1 to Router R3, once complete I should be...
Cisco Router – Configure NAT (NAT Overload)
KB ID 0000971 Problem NAT is the process of taking one or more IP adresses and tranlsating it/them into differnet IP addreses. You may require your router to translate all your internal IP addresses to your public (ISP allocated) IP address. To do that we use a process called NAT Overload. Solution 1. Connect to the router, and got to enable mode, then global configuration mode. PetesRouter#configure terminal Enter configuration...