Hi, does anyone know if there are any limitations on using persistent NAT between lt-0/0/0.0 and st0.1 interface in separate zones within a single routing instance on a vSRX?
I have tried this and the source NAT is working fine and the flows can be clearly seen. When attempting to initiate a ping in the other direction from the external host to the reflexive address (within the timeout period) there is no flow and the "show security nat source persistent-nat-table all" commands provides no output.
Thanks
------------------------------
Regalis
JNCIE-ENT
------------------------------