SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Destination NAT on Bogus IP's

    Posted 07-27-2012 07:40

    Hi All

     

    I would ike to configure destination Nat's on my SRX where a user comming in would hit some bogus IP (IP that my firewall does not have configured on any interface) and have them NAT to a real IP that is accisible by the firewall.

     

    Can I just configure destination nat with a destination IP that is not on the firewall?  This would be accessed through a route based VPN so the other side will tunnel that bogus IP to me therefore I dont think proxy-arps would be needed.

     

    I could probably assign this bogus block to my loopback but what if I had many bogus blocks this would then not work.

     

    Thanks!



  • 2.  RE: Destination NAT on Bogus IP's
    Best Answer

    Posted 07-27-2012 10:27

    Hi

     

    Thats possible, no need for proxy-arp or putting address to lo0.

     

    For example, I was using similar config to D-Nat traffic to a non-existing DNS server to a public one (e.g. 8.8.8.8).