SRX

 View Only
last person joined: 7 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  source NAT

    Posted 03-18-2018 04:19

    Hi everyone,

     

     It is possible to nat one source private IP address to many source public IP address?

     I have proxy server with private IP and I would like to nat this IP to many (pool) public IP. Is it possibly? 

     

    Thanks in advance.



  • 2.  RE: source NAT
    Best Answer

     
    Posted 03-18-2018 04:34
    We can do that. As per below rule 1.1.1.1 can get SNAT to 4.4.4.4/8.8.8.8/12.12.12.12


    [edit]

    root@SRX# show security nat

    source {

    pool Multiple-Public-IP {

    address {

    4.4.4.4/32;

    8.8.8.8/32;

    12.12.12.12/32;

    }

    }

    rule-set 1-pvt-to-many-public {

    from zone trust;

    to zone untrust;

    rule test {

    match {

    source-address 1.1.1.1/32;

    }

    then {

    source-nat {

    pool {

    Multiple-Public-IP;

    }

    }

    }

    }

    }

    }



    [edit]

    root@SRX# show security nat | display set

    set security nat source pool Multiple-Public-IP address 4.4.4.4/32

    set security nat source pool Multiple-Public-IP address 8.8.8.8/32

    set security nat source pool Multiple-Public-IP address 12.12.12.12/32

    set security nat source rule-set 1-pvt-to-many-public from zone trust

    set security nat source rule-set 1-pvt-to-many-public to zone untrust

    set security nat source rule-set 1-pvt-to-many-public rule test match source-address 1.1.1.1/32

    set security nat source rule-set 1-pvt-to-many-public rule test then source-nat pool Multiple-Public-IP


  • 3.  RE: source NAT

    Posted 03-18-2018 13:37

    Hi Suraj,

    Many thanks for your solution, it's works perfect 🙂

    Thanks!!!