Hello,
My SSG NAT is working while running with screen OS 6.2.x . However, I no idea after upgraded to 6.3. Could you please advise what happen? and try to trace where is problem
I have reference to manual
http://www.juniper.net/techpubs/software/screenos/screenos6.3.0/630_ce_AddressTranslation.pdf
Background:
My background is private IP range (192.168.20.x) running with VLAN 20. It will using NAT method to access Internet. There are no need to NAT from external to internal. There will be only one External IP in untrust zone.
-- Implement ---
NAT-Src method will will used from the Egress Interface IP address (Example NAT-src without DIP) showing in P27
----Here is setup of interface and NAT----
# interface (trust)
set interface "ethernet0/3.20" tag 20 zone "INT--NAT"
set interface ethernet0/3.20 ip 192.168.20.1/24
set interface ethernet0/3.20 nat
# Interface (untrust)
set interface "ethernet0/2" zone "Untrust2-zone"
set interface ethernet0/2 ip 202.136.237.241/29
set interface ethernet0/2 route
# Policy
set policy id 197 from "INT-NAT" to "Untrust2-zone" "192.168.20.41 - pc01" "Any" "ANY" nat src permit
set src-address "192.168.20.42 - pc02"
set policy id 197
Even now the private IP range (192.168.20.x) also not able to ping test others trust zone. Prevsiouly there are no any policy setup from zone INT-NAT to other trust zone.
Thanks in advise.