Persistent NAT with target host allows external hosts to establish connections only when the internal
device initiates a session first, ideal for specific interactive applications. Refer to Juniper Persistent
NAT Documentation.
The scenario requires that external hosts be able to initiate a connection only if the internal device
has already initiated a connection. The correct solution is Persistent NAT with target host, which
ensures that a specific external host can initiate new connections back to the internal device, but
only after the internal device has established a session first.
Persistent NAT with Target Host (Answer C): This allows the internal device to initiate a connection,
and once established, the specified external host can also initiate new connections to the internal
device on the same NAT mapping.
Example Configuration:
bash
set security nat source persistent-nat permit target-host-port
This solution is appropriate when controlled bidirectional communication is required based on an
internal-initiated connection.
Reference: Juniper persistent NAT documentation.
