Juniper supports this technology , you can create virtual ip address on your interface and the ip address can be different than your reel ip address.
For instance;
You can configure your interface like this sample ;
set interfaces reth7 redundant-ether-options redundancy-group 1
set interfaces reth7 unit 0 description MY DEVICE
set interfaces reth7 unit 0 family inet address 10.127.147.2/30
it is not necessary but you can get help from proxy arp.
set security nat proxy-arp interface reth7.0 address 10.127.148.21/32
set security nat proxy-arp interface reth7.0 address 10.127.148.22/32
ıf other company type ;
ip route 10.127.148.0 255.255.255.0 10.127.147.2
they can reach your network and ıf you apply destination nat also they reach on your webserver easily.
set security nat static rule-set TEST_static from zone TEST
set security nat static rule-set TEST_static rule server match destination-address 10.127.148.21/32
set security nat static rule-set TEST_static rule server then static-nat prefix 172.20.34.2/32
set security nat static rule-set TEST_static rule server9 match destination-address 10.127.148.22/32
set security nat static rule-set TEST_static rule server9 then static-nat prefix 172.20.34.9/32
Hiç yorum yok:
Yorum Gönder