SRX

last person joined: 2 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Nat configuration

    Posted 03-24-2014 12:57

    Hi Savvys,

     

    Please, I need help on nat configuration.  

     

    I have two internet and two vlan.

     

     

    set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface    // so ... every traffic will go out on fe-0/0/0 with PAT

     

    but how to set the second subnet to go out with the second internet connection?

    set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface fe-0/0/1 does not work

     

    Many thanks...



  • 2.  RE: Nat configuration

    Posted 03-24-2014 14:09

    What is your configuration at the zone/policy level?  Could this be causing you to have a problem with your traffic flow?



  • 3.  RE: Nat configuration
    Best Answer

     
    Posted 03-24-2014 14:54

    you can not specify which interface the source nat should use , it will use the outgoing interface automatically as per your routing table , for your case , you should use policy based routing , use one single rule for your source nat.

     

    find below an exmaple for policy based routing 

     

    http://kb.juniper.net/InfoCenter/index?page=content&id=KB23300&smlogin=true

     

    Regards

     



  • 4.  RE: Nat configuration

    Posted 03-25-2014 06:25

    Thanks Red1

     

    This could be my possible solution.  

     

    Too bad that junos does not have the options to assign an specific egress interface.  This would simplify the configuration.

     

    set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface

     

    Many thanks