# 配置内网地址
set network virtual-router default interface ethernet1/1 ip 192.168.1.1/24
set zone name trust network layer3 ethernet1/1
# 配置外网地址
set network virtual-router default interface ethernet1/2 ip 203.0.113.1/24
set zone name untrust network layer3 ethernet1/2
# 配置默认路由
set network virtual-router default routing-table ip static-route default nexthop gateway address 203.0.113.254
# 配置NAT
set rulebase nat rules from trust source any destination any service any to untrust destination-translation translated-address 203.0.113.1
# 启用NAT
set deviceconfig system setting session-ttl-common 3600
set deviceconfig system setting tcp-time-wait-timer 30
set deviceconfig system setting udp-time-wait-timer 30