SRX

 View Only
last person joined: 20 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Source NAT pool

    Posted 07-24-2017 05:57

    Hi all, 

    I have a topology like below: 

    Client x, y, z -------- SRX --------- Internet

    The SRX device operates source NAT (PAT) pool from Client to access the Internet with IP pool is 111.111.111.0/24 for example. 
    So the client x. y, z also use the same IP NAT 111.111.111.1 with different port or use different IP NAT: 111,111,111,1 ; 111.111.111.2 ; 111.111.111.3 respectively? 

    Thank all 🙂 



  • 2.  RE: Source NAT pool
    Best Answer

    Posted 07-24-2017 06:12

     Nyugen,

     

    The behavior thats generally seen is that they will take different ip addresses.

    However the same Ip can be re-used as there is no hard and fast rule.

    Same source can use a differnet ip for a differnet session.

     

     

    regards,

    Guru Prasad

     



  • 3.  RE: Source NAT pool

    Posted 07-24-2017 18:49

    Hi Guru Prasad, 

    Thank for your clarification 🙂 

    Regards, 
    Hoang Nguyen Huy



  • 4.  RE: Source NAT pool

    Posted 07-26-2017 16:46

    If you want the address pool assignments to be consistent per host take a look at the "address-persistent" and "persistent-nat" options.

     

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB20711



  • 5.  RE: Source NAT pool

    Posted 07-28-2017 17:52

    Hi Spuluka, 

    Thanks for your addition. 
    For more understanding, can you tell when to deploy "persistent-nat"? 
    I have seen the benefit of "address-persistent". However, the scenarios to use "persistent-nat" make me confusion. 

    Regards, 
    Hoang Nguyen Huy 



  • 6.  RE: Source NAT pool

    Posted 07-29-2017 02:51

    You use persistent NAT when the communications between the client and server application will end and then start again in a short period of time.  This makes sure the previous session addresses are still used even with the sessions being gone for the configured period of time.  

     

    If the server application keeps track of the client addresses for some period of time after the transaction then this setting will mirror that behavior on the SRX.



  • 7.  RE: Source NAT pool

    Posted 07-29-2017 09:07

    Hi Spuluka 

    I thank you for broadening my horizon 🙂 I have totally understood.

    Regards, 
    Hoang Nguyen Huy