To do port forwarding on ssg5 do you need to public ip addresses

I have an ssg5 setup using an internet connection for L2L VPN. If I want to do port 80 forwarding from the internet to a server behind the firewall would I need another public ip ?
cisco20Asked:
Who is Participating?
 
grimkinConnect With a Mentor Commented:
Hi,

No you won't need another public IP - the whole point of port forwarding is to use one external IP.

HTH
0
 
rsivanandanConnect With a Mentor Commented:
You can use the existing IP on the untrust interface.

http://kb.juniper.net/index?page=content&id=KB4719&cat=SCREENOS&actp=LIST

Refer the above for how to do it.

Cheers,
rsivanandan
0
 
cisco20Author Commented:
Interesting I opened a jtac case and was tolld can't do with only one ip address when doing port 80 forwarding ? have you guys actually configured it this way before ? Does it matter that i'm also using that IP to do VPN tunnel ?
0
 
rsivanandanCommented:
The link I gave above exactly speaks about doing it for 80. Yes, it does work.

Cheers,
rsivanandan
0
 
cisco20Author Commented:
Thanks for the links and the info. Got it to work using only the one IP.
Had to switch my mngmt port to a random port other than 80 and worked fine.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.