Hi all
Does anyone know is SRX can do Source NAT to a secondary IP?
I have a situation where my untrust interface has a private address on it 10.107.0.9/29. Currently the Untrust interface connects directly to an EXTERNAL switch, where all the external routers also connect to. The external routers all have a private address in the /29 range.
The ISP has given us an INTERNET router with a public /29 and wants us to connect the router to the EXTERNAL switch.
My question is, if I load a secondary IP on the untrust interface, can I do Source NAT to the secondary IP for internet access.
My other option is to run VLANS on the untrust interface, but then the ISP's all need to change their routers to the correct VLAN...This could take long......
Other option is to plug the INTERNET router directly into the FW....Problem solved.......But IM not sure the client wants it this way.
Any thoughts on SOURCE NAT to the secondary IP would be appreciated
Scotty!!!!!