Below are the CLI to Configure Port Forwarding on Juniper SRX320 Firewall
root@GGTVM% root@GGTVM% cli root@GGTVM> configure Entering configuration mode [edit] root@GGTVM# set security nat destination pool 24ONLINE_SERVER address 10.10.0.10/32 port 443 [edit] root@GGTVM# set security nat destination rule-set PORT_FORWARDING from zone untrust [edit] root@GGTVM# set security nat destination rule-set PORT_FORWARDING rule PORT_FORWARDING_SERVER_443_TO_HTTPS match source-address 0.0.0.0/0 [edit] root@GGTVM# set security nat destination rule-set PORT_FORWARDING rule PORT_FORWARDING_SERVER_443_TO_HTTPS match destination-address 103.156.208.99/32 [edit] root@GGTVM# set security nat destination rule-set PORT_FORWARDING rule PORT_FORWARDING_SERVER_443_TO_HTTPS match destination-port 443 [edit] root@GGTVM# set security nat destination rule-set PORT_FORWARDING rule PORT_FORWARDING_SERVER_443_TO_HTTPS then destination-nat pool 24ONLINE_SERVER [edit] root@GGTVM# set security address-book global address SERVER_IP 10.10.0.10/32 [edit] root@GGTVM# set security policies from-zone untrust to-zone trust policy INBOUND_PORT_FORWARDING_SERVER match source-address any [edit] root@GGTVM# set security policies from-zone untrust to-zone trust policy INBOUND_PORT_FORWARDING_SERVER match destination-address SERVER_IP [edit] root@GGTVM# set security policies from-zone untrust to-zone trust policy INBOUND_PORT_FORWARDING_SERVER match application junos-https [edit] root@GGTVM# set security policies from-zone untrust to-zone trust policy INBOUND_PORT_FORWARDING_SERVER then permit [edit] root@GGTVM# commit commit complete