06-01-2010 08:29 AM
Do NAT rules need to be configured on an SRX firewall in order to pass traffic between different security zones? Or, by default, will the SRX function like a ScreenOS firewall with all of its interface in "Route" mode.
06-01-2010 07:03 PM
Thank you. That is what I thought and what my testing seems to indicate. But I am looking for an answer to some strange connectivity issues with an SRX cluster.
06-05-2010 03:20 PM
to investigate connectivity issues traceing on security flow is big help.
set security flow traceoptions file my_logfile
set security flow traceoptions flags basic-datapath
set security flow traceoptions packet-filter my_filter Some filter condition
Look at he results with (run) show log ny_logfile
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI
If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.