I am looking to set up an SRX device tha will act as a VPN gateway. We plan on having gateways in all major cities. Clients will then be able to connect to the SRX and connect out as if hey are in that city. So say for instance a client wants to see how routing is done from Comcast in NYC they would connect to the SRX in NYC and do a trace route to their network. If they want to test a VoIP application their call would go out from this ISP. etc. The tricky part is if a client wants no NAT. What happens if a client wans to launch an app using a public IP but the IP is on the SRX. Is there any way of having a second IP on the box that they would some how connect to and the request would be seen as coming from the cable connection as if ther PC they are on has the public IP?
Your requirement is not very clear. Are you asking if you can have 2 IP address on SRX interface and use one Ip for VPN connection and other one for Internet access? If so we can configure 2 IP address and we can achieve what you are trying to do
set interfaces ge-0/0/0 unit 0 family inet address 188.8.131.52/30 primary set interfaces ge-0/0/0 unit 0 family inet address 184.108.40.206/30
configure SNAT pool with one IP adnd use for internet connections.
set security nat source pool P1 address 220.127.116.11/32
Please ignore thi if I have misunderstood the requirement.
Thanks, Suraj Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too
Sorry for not being clear. Let me try to explain what we want to do. We have end users using multiple ISP's such as Verizon FiOS, Optimum, COX etc. This morning we had a problem where packets coming from Optimum were being tampered with and then being ignored becuase our SIP server was not able to understand them. What we want to do is have a Junos device in every major market that we serve connected to multiple internet providers so we can test out through each one and expireince the connection as if we are on that ISP. So in NYC we would orders services from:
We would then some how connect to teh SRX and make phone calls and see how the call went (look at traffic captures at both ends). I know that I can use a VPN/NAT to connect to the SRX but we need to see how the traffic looks when it's as if the phone is on the public IP that is sitting on the SRX. My thought was to have another interface with a different connection and have the phone register and try to send a call to that IP, then have that IP send any traffic it gets say out via optimum to my servers but then I realizes how would the SRX know where to send the traffic to. Am i limited to creating a VPN tunnel and using NAT?