SRX Services Gateway
SRX Services Gateway

Nat configuration

‎03-24-2014 12:57 PM

Hi Savvys,

 

Please, I need help on nat configuration.  

 

I have two internet and two vlan.

 

 

set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface    // so ... every traffic will go out on fe-0/0/0 with PAT

 

but how to set the second subnet to go out with the second internet connection?

set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface fe-0/0/1 does not work

 

Many thanks...

3 REPLIES 3
SRX Services Gateway

Re: Nat configuration

‎03-24-2014 02:08 PM

What is your configuration at the zone/policy level?  Could this be causing you to have a problem with your traffic flow?

SRX Services Gateway
Solution
Accepted by topic author whlee
‎08-26-2015 01:27 AM

Re: Nat configuration

‎03-24-2014 02:53 PM

you can not specify which interface the source nat should use , it will use the outgoing interface automatically as per your routing table , for your case , you should use policy based routing , use one single rule for your source nat.

 

find below an exmaple for policy based routing 

 

http://kb.juniper.net/InfoCenter/index?page=content&id=KB23300&smlogin=true

 

Regards

 


if this worked for you, kindly help other visitors/members of our community by tagging this post as "Accepted Solution".
Kudos are good way of appreciation.
-------------
Red1
JNCIE-SEC #158, JNCIP-SP, JNCIS- ( FWV, SA, AC )

SRX Services Gateway

Re: Nat configuration

‎03-25-2014 06:25 AM

Thanks Red1

 

This could be my possible solution.  

 

Too bad that junos does not have the options to assign an specific egress interface.  This would simplify the configuration.

 

set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface

 

Many thanks