Hi !
My firewall (SRX-240 10.4R7.5 ) have 3 address on the Untrust interface (A.B.C.74 - A.B.C.76)
What i want : everything use the 74 when going to untrust, but 2 servers should use ip 75 and 76.
I tried like that for the first server (server MY-SERVER should use A.B.C.75/29)
set interfaces ge-0/0/2 unit 0 family inet address A.B.C.74/29
set interfaces ge-0/0/2 unit 0 family inet address A.B.C.75/29
set interfaces ge-0/0/2 unit 0 family inet address A.B.C.76/29
set groups MY-GROUP-75 interfaces ge-0/0/2 unit 0 family inet address A.B.C.75/29 primary
set groups MY-GROUP-75 interfaces ge-0/0/2 unit 0 family inet address A.B.C.75/29 preferred
set security policies from-zone DMZ to-zone untrust policy MY-POLICY match source-address MY-SERVER
set security policies from-zone DMZ to-zone untrust policy MY-POLICY match destination-address any
set security policies from-zone DMZ to-zone untrust policy MY-POLICY match application any
set security policies from-zone DMZ to-zone untrust policy MY-POLICY then apply-groups MY-GROUP-75
set security policies from-zone DMZ to-zone untrust policy MY-POLICY then permit
That is not working, my server still use the A.B.C.74 IP address.