Got it to work with this. Is it possible to make it log failed attempts or something like that? I assume not.
/* Source NAT: sessions going from zone Internal to zone Internet are
   translated to the address of the egress interface. */
source {
rule-set nsw_srcnat {
from zone Internal;
to zone Internet;
rule nsw-src-interface {
/* 0.0.0.0/0 on both sides: every internal source to every destination matches. */
match {
source-address 0.0.0.0/0;
destination-address 0.0.0.0/0;
}
then {
source-nat {
interface;
}
}
}
}
}
/* Destination NAT (port forward): traffic arriving from zone Internet on
   destination port 2222 is rewritten to pool 192_168_1_2_22, which is
   192.168.1.2 port 22. */
destination {
pool 192_168_1_2_22 {
address 192.168.1.2/32 port 22;
}
rule-set nsw_destnat {
from zone Internet;
rule 0_File_Transfer--Internal_22 {
/* NOTE(review): source-address 0.0.0.0/0 and destination-address 0.0.0.0/0
   match every sender and every destination IP, so the forward to the
   internal SSH host is reachable from the whole Internet zone. If the
   clients are known, narrow source-address; setting destination-address to
   the firewall's own public address keeps the rule from matching traffic
   addressed to anything else. */
match {
source-address 0.0.0.0/0;
destination-address 0.0.0.0/0;
destination-port 2222;
}
then {
destination-nat pool 192_168_1_2_22;
}
}
}
}
[edit]
/* Inbound policy for the forwarded SSH traffic: permits Internet -> Internal
   sessions that match the listed applications and logs each session when it
   is created. */
from-zone Internet to-zone Internal {
policy File_Transfer_Internet_Internal {
/* NOTE(review): source-address any / destination-address any permits the
   listed applications toward every host in zone Internal. On SRX the policy
   lookup runs after destination NAT, so an address-book entry for the
   translated host (192.168.1.2) as destination-address would limit the
   permit to that one server - confirm on your release.
   The definition of nsw-File_Transfer_Internet_Internal_1_ssh is not shown
   here; junos-ssh is the predefined SSH application. */
match {
source-address any;
destination-address any;
application [ nsw-File_Transfer_Internet_Internal_1_ssh junos-ssh ];
}
then {
permit;
/* session-init writes a log entry when a permitted session is created. It
   records who connected, not whether the SSH login succeeded: authentication
   happens inside the encrypted session, so failed logins are only visible in
   the SSH server's own auth log on 192.168.1.2.
   Adding session-close here would also log the end of each session (with
   duration and byte counts); many very short sessions from one source are a
   typical sign of password guessing.
   Connections that match no permit policy can be logged by adding an
   explicit deny policy that carries "log session-init". */
log {
session-init;
}
}
}
}
/* Outbound policy: every source, destination and application from zone
   Internal to zone Internet is permitted. */
from-zone Internal to-zone Internet {
policy All_Internal_Internet {
match {
source-address any;
destination-address any;
application any;
}
/* NOTE(review): there is no log statement under "then", so this policy does
   not record outbound sessions; a log block with session-close would give
   egress visibility if that is wanted. */
then {
permit;
}
}
}