• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1055
  • Last Modified:

Range Port Forwarding on Juniper SSG5

Hi,

I'm trying to open ports 10000-20000 on a Juniper SSG 5.

I know how to do it for individual ports via VIP but is there a way to do more ports in one go?

Thanks
0
MattToner
Asked:
MattToner
  • 3
  • 3
1 Solution
 
QlemoC++ DeveloperCommented:
Just define a custom service using the port range. Then add that service in the VIP definition, and provide the first (!) port to map the VIP to (10000).
The according policy for that VIP will automatically allow traffic from those ports, so nothing to do there, if you already have a policy for the VIP.
0
 
MattTonerAuthor Commented:
I have tried that, but it hits a limit of 64 ports.
0
 
QlemoC++ DeveloperCommented:
Possible. That's the way VIP works, it is not intended to have such a wide-spread port range, and unless you want to break it down to 64 ports packages, there is no way around.

You should consider using a MIP instead - if you've got more than one public IP, that is.

Or maybe you should explain why you would need to do that - there might be better options.
0
Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

 
MattTonerAuthor Commented:
its due to Voice Traffic, (RTP)

I will have a play with MIP instead

Thank you.
0
 
QlemoC++ DeveloperCommented:
NAT with VoIP might be an issue in itself, but using a MIP is better than a VIP for that.
0
 
MattTonerAuthor Commented:
done using MIP and working fine now...

Thanks for your help.
0

Featured Post

Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now