Does traffic from Trust to DMZ pass through correctly? I would expect it to since your static nat is configured on ge-0/0/0.0 in trust zone. However from Untrust to DMZ will NOT work because you do not have a static nat object on ge-0/0/1.0 in Untrust zone. Also you will not be able to create same static nat object on ge-0/0/1 if you already have same nat IP on ge-0/0/0. This is a limitation in JUNOS with enhanced services up until 9.4.
I would recommend upgrading to 9.5. With 9.5 and later, J-series uses SRX NAT. With 9.5, NAT is not bound to any interface. Instead NAT is rule based and independent of security policies. So with 9.5 you can basically create a static NAT rule with both Trust and Untrust as your "from zone". That should support what you are trying to do. But with 9.4 and earlier releases, your scenario will not work.
Hello, I think i'm in the same situation : with static-nat, I would like to get two same mapped IP address (172.17.0.140) in two differents interfaces; this interfaces are defined in differents VR (VR-XXX and VR-YYY)
Unfortunaly, i've got an error on the interface ge0/0/1.1: " '172.17.0.140' Static NAT overlaps with static NAT [172.17.0.140 172.17.0.140] defined on interface ge-0/0/1.0 error : configuration check-out failed.
I'm on a J6350 9.2R1.10 ES.
Can you confirm me that when i will upgrade in 9.5 ES, my configuration will be accepted and functionnal?
Beginning in JUNOS 9.5, NAT is decoupled from security policies and defined in nat rules. So your NAT config in its current state will not convert properly when you upgrade to 9.5 and later releases. You will need to remove NAT from your policies and add nat rules instead. Refer to Next-Generation NAT app note for J-Series and SRX.