Hi,

This is the 11th post in the Quick-Series and this is on SRX-SOURCE-NAT using Pool and making sure that it does not Do PAT but has another OVERFLOW pool should the primary POOL exhaust of IP addresses.

Requirement

All Lan traffic (172.20.101.0/24) trying to reach to other-end router 11.0.0.2 should be natted to pool of 11.0.0.16/28 and make sure this Pool is not over-loaded. But make sure device has a overflow pool just in case 11.0.0.16/28 subnets runs out of IP-addresses.

Topology

1_topology

Initial config of interfaces

1_srx_zoneandintf

Nat and overflow pool config

nat_overflow_pool_config

Verification of Overflow Pool

overflow_pool

Regards

Rakesh M

.

Advertisements