Netscreen-5 change Transparent Mode to NAT 1

[digisurf]

Hello,

I'm a Netscreen newbie – I wont to change may Netscreen-5 from Transparent Mode to NAT Mode or Route Mode but I don’t know how. Please help me.

Thanks,
DigiSurf

 

[Njetscreamer]

to change from transparent mode to nat mode, hop on to the cli.

NS>unset int v1-trust zone
NS>unset int v1-untrust zone
NS>set int trust zone trust
NS>set int untrust zone untrust
NS>set int trust ip a.b.c.d W.X.Y.Z
NS>set int untrust ip e.f.g.h s.t.u.v
NS>set route 0.0.0.0/0 int untrust gate i.j.k.l (router ip)
NS>set pol from trust to untrust any any any permit

This is a basic setup, with a default gateway and ips with a policy permitting everything out from the trust zone on any port.

Kind regards

Njetscreamer

 

[digisurf]

Can you explain me the IPs a.b.c.d W.X.Y.Z.,
e.f.g.h. s.t.u.v. and i.j.k.l. please

Thanks Njetscreamer

 

[Njetscreamer]

Sure,

if we assume you have a router doing NAT to get you onto the internet. And this router had say the ip of 192.168.2.1 255.255.255.0 and your internal subnet (trust side of the netscreen) was 192.168.0.1 255.255.255.0 then the config would be as follows.

NS>set int trust ip 192.168.0.1/24
NS>set int untrust ip 192.168.2.2/24
NS>set route 0.0.0.0/0 int untrust gate 192.168.2.1

Kind regards

Njetscreamer