SRX Services Gateway
Highlighted
SRX Services Gateway

one public ip address for PAT and IPSEC

‎06-26-2014 07:56 PM

Dears,

 

I would like to consult you about my test: i have only one public ip address which will be used as NAT(PAT) and site2site IPSEC VPN. will it work on SRX240? Do I just need to configure NAT and IPSEC seperately or need any special setup?

 

Thanks//Leo

1 REPLY 1
Highlighted
SRX Services Gateway

Re: one public ip address for PAT and IPSEC

‎06-26-2014 10:14 PM

Hi Caiyu,

 

For Internet Traffic , you can use One Public Ip address for Source nat and VPN.

 

ESP packet will also get NATTed using that Public IP address.

 

Problem will be with your Remote VPN peer . It has to decrypt the ESP packet with Public ip of SRX device.

I think it should work but i have not tested .

 

Thanks & Regards,

rparthi


[Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too] .....

Feedback