SRX

 View Only
last person joined: 18 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  (ask) Commited configuration but didn't shown on Operational Mode.

    Posted 01-22-2018 01:19

    I would like to ask. I were configure the on configuration mode on such like following.

     

    set security nat destination pool weboptinnew_10-2-114-46 routing-instance default
    set security nat destination pool weboptinnew_10-2-114-46 address 10.2.114.46/32
    
    set security nat destination rule-set DNAT-IntraDMZ-Global rule dnat_weboptinnew_1 description "dnat to 10.2.114.46, WebOptin new"
    set security nat destination rule-set DNAT-IntraDMZ-Global rule dnat_weboptinnew_1 match destination-address 10.54.34.47/32
    set security nat destination rule-set DNAT-IntraDMZ-Global rule dnat_weboptinnew_1 then destination-nat pool weboptinnew_10-2-114-46

    after it is commited, it should be shown on operational mode. But at current state just came strange.

    {primary:node1}
    ipnet1@SRX-2-DMZ-BSD> show configuration security nat destination rule-set DNAT-IntraDMZ-Global rule dnat_weboptinnew_1 
    description "dnat to 10.2.114.46, WebOptin new";
    match {
        destination-address 10.54.34.47/32;
    }
    then {
        destination-nat {
            pool {
                weboptinnew_10-2-114-46;
            }
        }
    }
    
    {primary:node1}
    ipnet1@SRX-2-DMZ-BSD> show security nat destination rule dnat_weboptinnew_1                                                
    node0:
    --------------------------------------------------------------------------
    
    node1:
    --------------------------------------------------------------------------

    the second command on Operational mode didn't show any changes as the first state does. Can anybody knows what happened there? And how to resolve?



  • 2.  RE: (ask) Commited configuration but didn't shown on Operational Mode.
    Best Answer

    Posted 01-22-2018 01:37

    Can you share the output of below command from config mode?

    Show | compare rollback 1

     

    Also, can you do commit full and check?



  • 3.  RE: (ask) Commited configuration but didn't shown on Operational Mode.

    Posted 01-22-2018 20:03

    It's resolved. Thanks. My collague did it using "commit full". Just come strange when the SRX device didn't apply the configuration after commited.



  • 4.  RE: (ask) Commited configuration but didn't shown on Operational Mode.

    Posted 01-22-2018 02:26

    In operational mode

    show security nat

     

    give you a view of the active nat table status.

     

    Add the word configuration in operational mode to see the active configuration

    show configuration security nat

     

    Inserting configuration allows you to browse the configuration heirarchy in operation mode as if in configuration mode.