Hi All,
On ASA for hosting my web server i use either of the below configuration:
Method1:
object network DMZ-Webserver-Internal-IP
host 192.168.200.1
nat (DMZ,any) static DMZ-Webserver-External-IP
Method2:
nat (any,DMZ) source static any any destination static DMZ-Webserver-External-IP DMZ-Webserver-Internal-IP
Basically the first one is the source nat which is bidirectional whereas the second one is destination nat it works only if the traffic originates from outside.
Coming to SRX:
I could find the configuration examples for destination nat as below:
set security nat destination rule-set untrust_vips rule DMZ_Test match destination-address 1.1.1.3/32
set security nat destination rule-set untrust_vips rule DMZ_Test then destination-nat pool DMZ-Internal-IP
Is there an way in SRX to create the NAT similar to the second method in ASA?
Correction:
Is there an way in SRX to create the NAT similar to the first method in ASA?
Thanks for any inputs.
Regards,
Chandu