struggling with this and finding no info on the net I called juniper to
get port forwarding straight and now I am sharing with you.
My setup is very straight forward and simple, I have a "Juniper Netscreen 5GT" and my eMule and Torrent apps are running on 192.168.0.8 and the 5GT is 192.168.0.1 and it is running in trust-untrust mode.
login to your netscreen
go to: Objects > Services > Custom
And create custom service and list all ports you will have to use for bit torrent
Name this: bit torrent OR take a other descriptive name
TCP src port: 1-65535, dst port: 56969-56969
TCP src port: 1-65535, dst port: 56881-56881
UDP src port: 1-65535, dst port: 56881-56881
TCP src port: 1-65535, dst port: 6885-6892
UDP src port: 1-65535, dst port: 6885-6892
then go to network > interfaces > and then edit adsl1
then VIP > press "new VIP service"
virtual ip; (your outside ip that is assigned automatically by your ISP, this should be filled in automatically)
map to service; ( pick the custom service that you just made, bit torrent)
map to IP; (the box that you are running your service on, mine is 192.168.0.8)
then go to
wizards > policy
untrust to trust then next
pick VIP(untrust) under address book
pick the service that you defined in the custom section
enable nat- don’t do anything here just click next
enable logging check that off and Enable count of traffic passed via the policy (this is so you can check to see the traffic- turn this off after you are happy with everything and it is all working)
** The next step must be done. Whitout this forwarding will not work! **
You have to telnet into the netscreen:
in windows go to start > run > then type in:
telnet 192.168.0.1 (Where 192.168.0.1 is the address of YOUR 5gt)
then enter in the user name and password
and then type this command:
set vip multi-port
then it will return you to:
In reset ...
close the black box.
and you are good to go, in a couple of minutes! It will take 3-5 minutes for everything to start working. Fire up the apps and then log in to the 5gt and go reports > policies > and click on the grid thing to see the traffic. If this is not working after 10-15 mins try the telnet commands again and if still not working update firmware and clear all policies, VIP’s, and custom services.