求助，NetScreen 5Gt 如何配置让内网一台Nas可以PT？ ...

MingoX

求助的光猫路由模式达不到100M，拨号却可以达到100M，于是给推荐了这个啊，二手才一百多的设备，没曾想根本就不是家用的玩意。


刚摸索着把拨号配置好，但发现这个跟路由确实是完全不是一等级的玩意啊。
昨天研究了一天把端口映射搞定了，成功把5000端口放出来了，外网可以访问。

现在就是内网NAS想要PT，按端口映射这个做法不行，不知道哪里问题。



http://bbs.et8.net/live/showthread.php?p=13134632&posted=1#post13134632  CCF我也发帖了。
按这个配置了一下，还是不行：

After struggling with this and finding no info on the net I called juniper to get port forwarding straight and now I am sharing with you. my setup is very straight forward and simple, I have a Netscreen 5gt with 3 pcs conected total. my emule and torrent apps are running on 192.168.2.1 and the 5gt is 192.168.2.1. and it is running in trust- untrust mode. how to forward ports for emule or bit torrent or azureus; login to your netscreen go to; Objects > Services > Custom Click new And create custom service and list all ports you will have to use for bit torrent Name this; bit torrent TCP src port: 1-65535, dst port: 56969-56969 TCP src port: 1-65535, dst port: 56881-56881 UDP src port: 1-65535, dst port: 56881-56881 TCP src port: 1-65535, dst port: 6885-6892 UDP src port: 1-65535, dst port: 6885-6892 Hit OK then go to network>interface> and then edit untrust then VIP > add new vip service pick new service virtual ip; (your outside ip that is assigned automatically by your ISP, this should be filled in automatically) map to service; ( pick the custom service that you just made, bit torrent) map to IP; (the box that you are running your service on, mine is 192.168.2.14) hit OK then go to wizards> policy pick untrust to trust then next Destination Address: pick VIP(untrust) under address book next service pick the service that you defined in the custom section action permit next enable nat- don’t do anything here just click next enable logging check that off and Enable count of traffic passed via the policy (this is so you can check to see the traffic- turn this off after you are happy with everything and it is all working) next Authentication Options click none next Schedule: none next finish ------------- *****This step you must do- everyone forgets this step, forwarding will not work otherwise!!!***** then you have to telnet into the netscreen in windows go to start> run> then type in; CMD black box will open and then type; telnet then enter then; open 192.168.2.1 (the 192.168.2.1 is the address of my 5gt) then enter in the user name and password and then type this command; set vip multi-port then it will return you to; ns5gt-> then type; reset then type; y and again; y In reset ... close the black box. and you are good to go, in a couple of minutes! It will take 3-5 minutes for everything to start working. Fire up the apps and then log in to the 5gt and go reports> policies> and click on the grid thing to see the traffic.  If this is not working after 10-15 mins try the telnet commands again and if still not working update firmware and clear all policies, VIP’s, and custom services.