SRX Services Gateway
Highlighted
SRX Services Gateway

Behavior with Vsrx Firefly - SOURCE NAT With Pool utilization

‎05-17-2014 04:31 AM

Hi,

 

From the below configuration,

 

[edit]
lab@srx1# show security nat
source {
    pool 1 {
        address {
            172.18.1.3/32 to 172.18.1.4/32;
        }
    }
    rule-set 2 {
        from interface ge-0/0/4.101;
        to zone untrust;
        rule 3 {
            match {
                source-address 172.20.101.0/24;
            }
            then {
                source-nat {
                    pool {
                        1;
                    }
                }
            }
        }
    }
}
 


This Nat configuration with 172.18.1.3 and 172.18.1.4 NAT IP's are accepted if these address are configured on the interface

lab@srx1# show interfaces ge-0/0/3.0
family inet {
    address 172.18.1.2/24;
    address 172.18.1.3/24;
    address 172.18.1.4/24;
}

 

 

 

As far as my Pool understanding goes with Any NAT pool, the Pool of Addresses may not necessarily present on the system bearing one ip facing the NAT interface.

 

Is this the default behaviour with Junos-SRX or sort of bug with Firefly ? I do not have a SRX handly to replicate the problem

 

Thank

1 REPLY 1
Highlighted
SRX Services Gateway
Solution
Accepted by topic author rakesh.madupu@nsn.com
‎08-26-2015 01:27 AM

Re: Behavior with Vsrx Firefly - SOURCE NAT With Pool utilization

‎05-17-2014 04:52 AM

Never Mind ! I had to configure Proxy-arp for ARP Response Packets

 

It is solved now

 

Thanks