Hello
I just checked the SCTP feature support on SRX. Static NAT for both IP and the payload is supported.
Here is the entire list of feature support for SCTP on SRX:
- Policy based SCTP inspection
- Packet sanity check
- Stateful inspection
- Static NAT:
- IP header
- IP-list in the payload of INIT/INIT-ACK
- IPv6 and NAT-PT
- Multi-chunk inspection
- SCTP over IPsec
- HA and ISSU
- Protocol blocking:
- max support 64 upper layer protocols
- limit packets rate per association, for different upper layer protocols
I also referred to similar cases reported by some other customers using this. They see this feature to be working as expected. Please ensure Security policy is configured to explicity use the pre-defined application, "junos-g prs-sctp" and "junos-sctp-any".
I hope this helps.
Regards,
Vikas
Juniper TAC - CFTS