Hi,

This is the 7th post in the Quick-Series and this is on SRX-SOURCE-NAT using interface.

Requirement

All Lan traffic (172.20.101.0/24) trying to reach to other-end router 172.18.2.2 should be natted to 172.18.1.2 address.

 

Topology

topology

 

First thing is to verify our srx interface and zone definitions

 

pic-1_zones

Verify if proper policies are in place, also make sure you have to write a policy for traffic from trust zone to untrust zone in order for this traffic to flow.

pic-2-srx_nat_config

Final Verification

 

As we can see 172.20.101.1o is being translated to 172.18.1.2

pic-3-srx_verification

 

Regards

Rakesh M

 

 

 

 

Advertisements