I'm testing some nat and ran across this commit failure.. I wanted to apply that to my source nat rule to use my vpn path to access the website.
I know I can do this on other platforms like Pal . Im going to guess im doing something wrong on the SRX .
If im doing something wrong can someone point me in the right direction ?
Is this something the SRX 300 series cannot do ?
Is there a work around for something like this ?
[edit security nat source rule-set trust-to-VPN]
from zone trust;
to zone VPN;
rule source-nat-10_9_0_24 {
match {
source-address-name 10-9-2-slash24;
destination-address-name [ rfc1918 Juniper-website ];
}
then {
source-nat {
interface;
address-book global address Juniper-website
dns-name
www.juniper.net {
ipv4-only;
}
[edit security nat source rule-set trust-to-VPN rule source-nat-10_9_0_24 match]
'destination-address-name Juniper-website'
Address/address-set(Juniper-website) isn't supported in NAT rule
error: configuration check-out failed