Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
I have a senario where a remote end needs src nat through vpn (hide nat). I've exposed the egress IP over the tunnel and can ping from a host in my trusted network to a host in the remote network. They're exposing their internal addresses over the tunnel. They need to perform a connection to a socket on a host in my trusted network. How is this suppose to be configured? I've attempted a VIP on the egress IP to my trusted host's port and dst NAT on the Untrust -> Trust policy. They can't connect to the socket. Any example configs would be appericated.
Hi ,
How have you configured the VIP , on the tunnel interface ?
Could you please share the config with us.
You can refer the below link for a KB regarding MIP for a policy based VPN
http://kb.juniper.net/KB9924
I was configuring the VIP on the Untrust interface not the tunnel interface. That was the issue.