Hi everyone,
Let say we have following static nat config;
SRX ge1/1/1-----(EXTERNAL ZONE)
set security nat static nat rule-set TEST from zone EXTERNAL
set security nat static nat rule-set TEST rule R1 match destination-address 199.199.199.1/32
set security nat static nat rule-set TEST rule R1 then static nat prefix 10.10.10.1/32
set security nat static nat rule-set TEST rule R2 match source-address 200.200.200.1/32
set security nat static nat rule-set TEST rule R2 match destination-address 199.199.199.1/32
set security nat static nat rule-set TEST rule R2 then static nat prefix 10.10.10.1/32
SRX receives traffic on g1/1/1 src ip 200.200.200.1 dst ip 199.199.199.1.
What rule SRX use to match? R1 because it is first rule or Rule R2 beause it is more specific? In other words, when evaluating NAT rules, does order matter or more specific rule will be chosen regardless of order?
2) If the above is also true for Source Nat, destination NAT?
Thanks and have a nice weekend