SRX

 View Only
last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Public IP mapping on SRX300

    Posted 12-04-2018 06:29

    Hi,

    I am migrating from SSG5 (ScreenOS) to SRX300 (JUNOS). On the SSG5 box, I have multiple (~20) public IPs mapped to the outside interface. These IPs are mapped to internal IPs (servers) within our LAN i.e. these servers are identifying themselves on the internet using those public IPs. All other PCs/devices on the LAN are using a single public IP assigned as a main one to the outside interface.

    Can somebody please guide me how to achieve that on the SRX300? I have searched here and found some recommendations to use Source/Destination/Static NAT but I don't know which one of them would suit best for my scenario and/or if these can be combined together.

    I have no previous experience with JUNOS (but I can understand individual CLI commands) so I would prefer J-Web guidance, if possible.

    Thanks a million.

    Miro



  • 2.  RE: Public IP mapping on SRX300
    Best Answer

    Posted 12-04-2018 07:40

    Hi,

    If you have same number of internal IPs (~20 or one-to-one mapping IPs ) static nat is best for your scenario. Please refer page no. 13 in the PDF for static nat configuration:

    https://kb.juniper.net/library/CUSTOMERSERVICE/technotes/Junos_NAT_Examples.pdf

     



  • 3.  RE: Public IP mapping on SRX300

    Posted 12-04-2018 14:48

    What is the ScreenOS configuration for the NAT?

     

    If you are using MIP on the interface then use Static NAT on the SRX.

     

    If you are using Inbound DIP, VIP or policy destination NAT then use Destination NAT on the SRX.