Screen OS

  • 1.  New zone no automatic interface based NAT?

    Posted 03-23-2012 04:25

    Hi, I wonder if someone can enlighten me?

     

    I have created a new L3 zone called "other" in the trust vr.

    I edited the interface with a new network, NAT mode and the trust zone "other".

    Then created a policy from zone "other" to untrust, source new network, destination any.

    My point is that interface based NAT is not automatically used for this new zone.

    The default behaviour for the trust to untrust zone is that interface based NAT is enabled.

    Is this normal behaviour, and do I need to apply NAT on every policy, or is this a setting somewhere?

     

    Many thanks

     



  • 2.  RE: New zone no automatic interface based NAT?
    Best Answer

    Posted 03-23-2012 04:38

    Interface-based NAT only works on specific zones and does not work on custom zones.  You will need to configure NAT using policies or one of the other methods for custom zones.
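
    An added example, not part of the original thread: a small Python check that reads ScreenOS `set policy` lines and reports permit policies from a custom zone to Untrust that lack `nat src`, which is the situation described in the question. The sample configuration is constructed (zone, interface, addresses and policy ids are made up), and treating only "Trust" as a zone with interface-based NAT is an assumption drawn from the posts above.

```python
import shlex

# Assumption taken from the thread: only the predefined Trust zone gets
# interface-based NAT toward Untrust; custom zones need NAT on the policy.
INTERFACE_NAT_ZONES = {"trust"}

# Constructed sample config; zone, interface, addresses and ids are made up.
SAMPLE_CONFIG = '''
set zone name "other"
set interface "ethernet0/2" zone "other"
set interface ethernet0/2 ip 192.168.50.1/24
set interface ethernet0/2 nat
set address "other" "new-net" 192.168.50.0 255.255.255.0
set policy id 1 from "Trust" to "Untrust" "Any" "Any" "ANY" permit
set policy id 2 from "other" to "Untrust" "new-net" "Any" "ANY" permit
set policy id 3 from "other" to "Untrust" "new-net" "Any" "HTTP" nat src permit log
'''

def parse_policies(config):
    """Return one dict per single-line 'set policy ... from Z to Z ...' entry."""
    policies = []
    for line in config.splitlines():
        tok = shlex.split(line)  # strips the double quotes around names
        if tok[:2] != ["set", "policy"] or "from" not in tok:
            continue
        i = tok.index("from")
        if len(tok) < i + 8 or tok[i + 2] != "to":
            continue  # not a complete policy definition
        action = tok[i + 7:]  # everything after src-addr, dst-addr, service
        policies.append({
            "id": tok[3] if tok[2] == "id" else None,
            "src_zone": tok[i + 1],
            "dst_zone": tok[i + 3],
            "permit": "permit" in action,
            "nat_src": any(a == "nat" and b == "src"
                           for a, b in zip(action, action[1:])),
        })
    return policies

def missing_policy_nat(config, egress_zone="Untrust"):
    """Ids of permit policies from a custom zone to egress_zone without nat src."""
    return [p["id"] for p in parse_policies(config)
            if p["dst_zone"].lower() == egress_zone.lower()
            and p["src_zone"].lower() not in INTERFACE_NAT_ZONES
            and p["permit"] and not p["nat_src"]]

if __name__ == "__main__":
    print("Policies needing 'nat src':", missing_policy_nat(SAMPLE_CONFIG))
```

    Policy 3 in the sample shows the corrected form, with `nat src` placed before the action keyword.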



  • 3.  RE: New zone no automatic interface based NAT?

    Posted 03-23-2012 05:50

    Thanks Steve for your very quick answer.