Hi Team,
We have implemented Juniper Secure Connect. Since we use static routes for two ISPs and cannot use two default routes at a time, we thought of doing destination NAT on the Blaze 210 (the external firewall connected to the internet).
Example: my IP is 183.83.161.151. If this hits the loopback present on the Blaze 340 (10.2.0.10/29), NAT 183.83.161.151 to the interface IP 10.2.0.1/29; in this way the loopback will take 10.2.0.1/29 as next hop instead of the default route, which points to 10.2.0./29.
I can see the NAT is happening on the Blaze 210, but I can't see any traffic coming to our core firewall, the SRX 340.
Flow logs in the Blaze 210 external firewall:
Session ID: 50592, Policy name: untrust-to-trust/10, Timeout: 2, Valid
In: 183.83.161.151/67 --> 10.2.0.10/36239;icmp, If: fe-0/0/7.0, Pkts: 1, Bytes: 92
Out: 10.2.0.10/36239 --> 10.2.0.1/11804;icmp, If: fe-0/0/6.20, Pkts: 0, Bytes: 0
The loopback IP doesn't respond with any bytes, even for ICMP. Are we supposed to deploy Juniper Secure Connect only on reth interfaces? Because it's working fine for reth1.
We have assigned a zone to the loopback IP 10.2.0.10/29 and allowed the inbound services as any and policies as any, but it doesn't work.
Can we connect to Juniper Secure Connect on a loopback IP?
------------------------------
Scan Bake
------------------------------
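The setup the post describes, reconstructed as an added illustrative Junos configuration (this is not configuration from the original post and has not been verified against the poster's devices). The flow log above shows the reverse wing with source 10.2.0.10 and destination 10.2.0.1, i.e. the client address has been translated to the 210's interface address, which is interface-based source NAT rather than destination NAT; the example shows that form. The rule-set, rule, zone and gateway names are assumptions; the addresses and interface names are the ones quoted in the post.

```junos
## Added illustrative config, not from the original post.
## Names (sc-to-lo0, sc-lo0, lo0-vpn, sc-gw) are assumptions; addresses are from the post.

## External firewall (Blaze 210): interface-based source NAT for traffic from the
## internet whose destination is the loopback on the core SRX 340. After translation
## the client appears as 10.2.0.1, which is on the directly connected /29 (fe-0/0/6.20),
## so the 340 replies via that connected subnet instead of its default route.
set security nat source rule-set sc-to-lo0 from zone untrust
set security nat source rule-set sc-to-lo0 to zone trust
set security nat source rule-set sc-to-lo0 rule sc-lo0 match destination-address 10.2.0.10/32
set security nat source rule-set sc-to-lo0 rule sc-lo0 then source-nat interface

## Core firewall (SRX 340): the loopback in its own zone. Host-inbound traffic for
## the services a Secure Connect client uses (IKE on UDP 500/4500, HTTPS for the
## client, ping for testing) must be permitted on the zone that holds lo0.0,
## otherwise the 340 silently drops the packets and the 210 sees "Out: ... Pkts: 0".
set interfaces lo0 unit 0 family inet address 10.2.0.10/29
set security zones security-zone lo0-vpn interfaces lo0.0
set security zones security-zone lo0-vpn host-inbound-traffic system-services ike
set security zones security-zone lo0-vpn host-inbound-traffic system-services https
set security zones security-zone lo0-vpn host-inbound-traffic system-services ping

## Bind the IKE gateway used by the Secure Connect profile to the loopback
## (assumed gateway name; the rest of the gateway/remote-access config is omitted).
set security ike gateway sc-gw external-interface lo0.0
```

Two practitioner caveats about this design. First, because the 210 rewrites the source to its own interface address, the 340 never sees the real client address: every Secure Connect user arrives as 10.2.0.1, so per-source policy, rate limiting and forensics on the 340 lose that information and must be done on the 210 instead. Second, when the 210 shows the reverse wing with Pkts: 0, as in the log above, run `show security flow session destination-prefix 10.2.0.10` on the 340 while a test ping is in flight; if no session appears there at all, the packet is being dropped before a session is created (typically a host-inbound-traffic or zone mismatch on lo0.0), whereas a session with zero reply bytes points at the return path.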