Hi all, I want to open the topic compare with source + destination NAT vs static NAT. Like you know:- Source NAT supports internal IP access to the Internet and is one-way direction- Destination NAT supports access internal IP through IP public from the Internet and is also unidirectional connection.
- Static NAT is known 1-1 mapping.So what happens when deploying source + destination NAT instead of using static NAT. I have a topology: PC: 192.168.1.10/24 ------------ SRX ge0/0/0: 10.10.10.1/24--------- the Internet. Destination NAT: 188.8.131.52 to 192.168.1.10; source NAT pool is also 184.108.40.206 or use source NAT interfaceif I use static NAT, the traffic flow like belowIN: 220.127.116.11/123 -> 18.104.22.168/80OUT 192.168.1.10/80 -> 22.214.171.124/123Reverse staticIN: 192.168.1.10/123 -> 126.96.36.199/23OUT 188.8.131.52/23 -> 184.108.40.206/123and when I use source + destination NATThe non-reverse static is approximate IN: 220.127.116.11/123 -> 18.104.22.168/80 OUT: 192.168.1.10/80 -> 22.214.171.124/123 The resverse statis is approximate IN: 192.168.1.10/123 -> 126.96.36.199/23OUT 188.8.131.52/23 -> 184.108.40.206/456So I think source + destination NAT is okay to deploy bi-directional connection. In a nutshell, what's the root cause to use static NAT? Please clarify for me to truly understand. Regards, Hoang Nguyen Huy
You can use the combination of source and destination NAT and have the same effect as Static NAT.
Static NAT is simply a short cut that allows you to do the both directions NAT all in one configuration. You can use whichever you prefer.