Hope someone can give me some idea about the NAT configuration in double firewalls scenario
internet <-> 1st firewall <-> 2nd firewall <-> internal
1st firewall is vSRX and 2nd firewall is a palo alto physical device
So far, the static NAT configuration to a FTP server in the internal zone can successfully reach from internet.
What left is the Dynamic IP and Port NAT for internal user to reach internet.
NAT on 2nd firewall was done by DIPP on palo alto device. Internal user can reach the zone between the 2 firewalls.
Now I think I need to make NAT on vSRX for the internal user to reach internet.
Should I use "nat static" or "nat source" or any other nat type in this case?