Hi,
From the below configuration,
[edit]
lab@srx1# show security nat
source {
pool 1 {
address {
172.18.1.3/32 to 172.18.1.4/32;
}
}
rule-set 2 {
from interface ge-0/0/4.101;
to zone untrust;
rule 3 {
match {
source-address 172.20.101.0/24;
}
then {
source-nat {
pool {
1;
}
}
}
}
}
}
This Nat configuration with 172.18.1.3 and 172.18.1.4 NAT IP's are accepted if these address are configured on the interface
lab@srx1# show interfaces ge-0/0/3.0
family inet {
address 172.18.1.2/24;
address 172.18.1.3/24;
address 172.18.1.4/24;
}
As far as my Pool understanding goes with Any NAT pool, the Pool of Addresses may not necessarily present on the system bearing one ip facing the NAT interface.
Is this the default behaviour with Junos-SRX or sort of bug with Firefly ? I do not have a SRX handly to replicate the problem
Thank