Using the CLI to configure NAT/Route mode
- Connect to the CLI Using a serial cable to connect the Console port of the primary worker, which would usually be the worker in slot 3.
- You can also use SSH or Telnet to connect to the External Management IP/Netmask.
-
Configure the primary and secondary DNS server IP addresses.
config global
config system dns
set primary <dns-server_ip>
set secondary <dns-server_ip>
end
end
-
Connect to the root VDOM.
config vdom
edit root
-
From within the root VDOM, configure the interfaces.
config system interface
edit fctrl/f1
set ip 172.20.120.10
next
edit fctrl/f2
set ip 10.31.101.40
end
-
Add the default route.
config router static
edit 1
set device fctrl/f1
set gateway 172.20.120.2
end
-
Add a security policy.
config firewall policy
edit 1
set srcintf fctrl/f2
set scraddr all
set dstintf fctrl/f1
set dstaddr all
set action accept
set schedule always
set service ANY
set nat enable
end