SRX

 View Only
last person joined: 18 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Persistent NAT limitations on vSRX

  • 1.  Persistent NAT limitations on vSRX

     
    Posted 02-23-2021 12:35
    Hi, does anyone know if there are any limitations on using persistent NAT between lt-0/0/0.0 and st0.1 interface in separate zones within a single routing instance on a vSRX?

    I have tried this and the source NAT is working fine and the flows can be clearly seen. When attempting to initiate a ping in the other direction from the external host to the reflexive address (within the timeout period) there is no flow and the "show security nat source persistent-nat-table all" commands provides no output.

    Thanks

    ------------------------------
    Regalis
    JNCIE-ENT
    ------------------------------