Dear team,
Today we tested the NAT source pool feature with no PAT. As per your thinking, if we have 3 sessions (ssh, telnet, ping), the SRX device will translate to 3 IPs, but in reality it just NATs to 1 IP. It seems that with NAT with no PAT, the behavior is similar to address-persistent, right?
Session ID: 8420, Policy name: trust-to-untrust/4, Timeout: 1718, Valid
In: 10.10.1.2/59266 --> 172.16.1.2/23;tcp, If: ge-0/0/2.0, Pkts: 11, Bytes: 516
Out: 172.16.1.2/23 --> 172.16.1.4/59266;tcp, If: ge-0/0/1.0, Pkts: 10, Bytes: 496
Session ID: 8424, Policy name: trust-to-untrust/4, Timeout: 1730, Valid
In: 10.10.1.2/59273 --> 172.16.1.2/22;tcp, If: ge-0/0/2.0, Pkts: 12, Bytes: 2025
Out: 172.16.1.2/22 --> 172.16.1.4/59273;tcp, If: ge-0/0/1.0, Pkts: 10, Bytes: 2477
Session ID: 8548, Policy name: trust-to-untrust/4, Timeout: 2, Valid
In: 10.10.1.2/2429 --> 172.16.1.2/1;icmp, If: ge-0/0/2.0, Pkts: 1, Bytes: 60
Out: 172.16.1.2/1 --> 172.16.1.4/2429;icmp, If: ge-0/0/1.0, Pkts: 1, Bytes: 60
Thanks,
ThinhND