SRX Services Gateway

Route Traffic to different next-hop on basis of NATted IP

‎05-29-2018 03:22 AM

Hi,

I have a scenario in which I am connected to two different ISPs, each with a different public IP. I am NATting my private IPs to the public IPs of the two ISPs. I want to route traffic to the related ISP if the traffic is source NATted to the public IP of that ISP.

I configured three separate routing instances (1st Trust, 2nd ISP-1, and 3rd ISP-2). ISP-1/ISP-2 each have a default static route toward them, and I am redistributing both routes, one from each ISP, into the Trust routing instance.

I am facing the issue that the SRX selects one default route, e.g. ISP-1. If the SRX is configured to NAT that traffic to the ISP-1 public IP, NATting and routing work fine, but if the SRX is configured to NAT traffic to the ISP-2 public IP, the traffic is routed to the ISP-1 next hop and skips NATting.

Kindly let me know whether it is possible to do routing as per my scenario or not.

Regards,

Atif.


Re: Route Traffic to different next-hop on basis of NATted IP

‎05-29-2018 03:54 AM

Hello,

In Juniper SRX, source NAT happens AFTER route lookup:

https://www.juniper.net/documentation/en_US/junos/information-products/pathway-pages/security/securi...

You would need to change Your design to use interface-based source NAT so that xlation automatically picks the public src IP from Your SRX's interface facing ISP-1/2/3 etc.

An alternate solution would be to use double-lookup with an LT interface/cable loop so that another src IP lookup is executed before forwarding the xlated packet out.

HTH

Thx

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
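
The interface-based source NAT suggested in the reply above, written out as an added example (not part of the original thread and not Juniper's own configuration). The zone names `trust`, `isp1`, `isp2` and the rule-set and rule names are hypothetical; the ISP-facing interfaces are assumed to sit in the `isp1` and `isp2` zones.

```junos
# Added example; zone, rule-set and rule names are hypothetical.
# Route lookup runs first and decides the egress zone. The source NAT
# rule-set is then selected by the from-zone/to-zone pair, so each
# rule-set only sees traffic already routed toward its own ISP and
# translates it to the address of that egress interface.

# Traffic that the route lookup sends out through the ISP-1 facing zone
set security nat source rule-set TRUST-TO-ISP1 from zone trust
set security nat source rule-set TRUST-TO-ISP1 to zone isp1
set security nat source rule-set TRUST-TO-ISP1 rule SNAT-ISP1 match source-address 0.0.0.0/0
set security nat source rule-set TRUST-TO-ISP1 rule SNAT-ISP1 match destination-address 0.0.0.0/0
set security nat source rule-set TRUST-TO-ISP1 rule SNAT-ISP1 then source-nat interface

# Traffic that the route lookup sends out through the ISP-2 facing zone
set security nat source rule-set TRUST-TO-ISP2 from zone trust
set security nat source rule-set TRUST-TO-ISP2 to zone isp2
set security nat source rule-set TRUST-TO-ISP2 rule SNAT-ISP2 match source-address 0.0.0.0/0
set security nat source rule-set TRUST-TO-ISP2 rule SNAT-ISP2 match destination-address 0.0.0.0/0
set security nat source rule-set TRUST-TO-ISP2 rule SNAT-ISP2 then source-nat interface

# Operational-mode checks after commit:
#   show security nat source rule all     (translation hit counters per rule)
#   show security flow session            (egress interface and translated source per session)
```

With this layout the translated address always matches the ISP the packet actually leaves through, whichever default route is active.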

Re: Route Traffic to different next-hop on basis of NATted IP

‎05-29-2018 04:23 AM

Greetings,

Can you elaborate more on this part: "Alternate solution would be to use double-lookup with LT interface/cable loop so that another src IP lookup is executed before forwarding the xlated packet out."

How do I do it?


Re: Route Traffic to different next-hop on basis of NATted IP

‎06-04-2018 09:17 PM