admin-nsk

А чем это отличается от моей конфигурации, кроме названий?

MonaxGT show sec flow session: Session ID: 9003, Policy name: rdp_access/5, Timeout: 16, Valid In: 333.333.333.333/59101 --> 111.111.111.111/3390;tcp, If: fe-0/0/0.0, Pkts: 3, Bytes: 180 Out: 222.222.222.223/3389 --> 333.333.333.333/59101;tcp, If: fe-0/0/1.0, Pkts: 0, Bytes: 0 show sec nat ru all: Destination port : 3390 Action : rdp-server Translation hits : 60 Successful sessions : 60 Number of sessions : 1

Уважаемые форумчане, помогите найти что не так. Не работает проброс порта. Перекопал всю документацию. Помогите пожалуйста. version 12.1X46-D40.2; system { host-name srx100_1; root-authentication { encrypted-password "$1$Wyt9BEpJ$T7ECDfFYpuIQYPoaCmjNy."; ## SECRET-DATA } name-server { 8.8.8.8; } login { user admin { uid 2000; class super-user; authentication { encrypted-password "$1$U.tKjyJY$9s6v./EHIyuYEQGG5LIP1/"; ## SECRET-DATA } } } services { ssh; web-management { http { interface fe-0/0/1.0; } } } } interfaces { fe-0/0/0 { unit 0 { family inet { address 111.111.111.111/29; } } } fe-0/0/1 { unit 0 { family inet { address 222.222.222.222/21; } } } } routing-options { static { route 0.0.0.0/0 next-hop 111.111.111.112; } } security { address-book { global { address rdp_server 222.222.222.223/32; } } nat { source { rule-set trust-to-untrust { from zone trust; to zone untrust; rule source-nat-rule { match { source-address 0.0.0.0/0; } then { source-nat { interface; } } } } } destination { pool rdp-server { address 222.222.222.223/32 port 3389; } rule-set DNAT { from zone untrust; rule dnat_for_rdp { match { destination-address 111.111.111.111/32; destination-port 3390; } then { destination-nat { pool { rdp-server; } } } } } } } policies { from-zone trust to-zone untrust { policy trust-to-untrust { match { source-address any; destination-address any; application any; } then { permit; } } } from-zone untrust to-zone trust { policy rdp_access { match { source-address any; destination-address rdp_server; application any; } then { permit { destination-address; } } } } } zones { security-zone trust { host-inbound-traffic { system-services { all; } protocols { all; } } interfaces { fe-0/0/1.0; } } security-zone untrust { interfaces { fe-0/0/0.0 { host-inbound-traffic { system-services { ping; ssh; } } } } } } }