Hi,

This is the 10th post in the Quick-Series and this is on SRX-SOURCE-NAT using Pool and making sure that it does not Do PAT, as pool-based NAT by default does PAT or port-overloading.

Requirement

All Lan traffic (172.20.101.0/24) trying to reach to other-end router 11.0.0.2 should be natted to pool of 11.0.0.16/28 and make sure this Pool is not over-loaded.

Topology

1_topology

Initial Config of interfaces and policies

1_srx_zoneandintf

Nat-config

2_policy_and_natconfig

Final verification

final_verify

As we can see, this pool is not configured for overloading.

Regards

Rakesh M

Advertisements