Screen OS

  • 1.  VIP / Dst NAT through route based VPN

    Posted 10-09-2012 08:44

    I have a scenario where a remote end needs src NAT through VPN (hide NAT).  I've exposed the egress IP over the tunnel and can ping from a host in my trusted network to a host in the remote network.  They're exposing their internal addresses over the tunnel.  They need to perform a connection to a socket on a host in my trusted network.  How is this supposed to be configured?  I've attempted a VIP on the egress IP to my trusted host's port and dst NAT on the Untrust -> Trust policy.  They can't connect to the socket.  Any example configs would be appreciated.



  • 2.  RE: VIP / Dst NAT through route based VPN
    Best Answer

    Posted 10-09-2012 10:21

    Hi,

    How have you configured the VIP, on the tunnel interface?

    Could you please share the config with us?

    You can refer to the link below for a KB regarding MIP for a policy-based VPN:

    http://kb.juniper.net/KB9924



  • 3.  RE: VIP / Dst NAT through route based VPN

    Posted 10-09-2012 10:28

    I was configuring the VIP on the Untrust interface, not the tunnel interface.  That was the issue.