Hello Juniper Community,
I have a network setup with SRX-A, SRX-B, and SRX-HQ. Both SRX-A and SRX-B are connected to SRX-HQ via tunnels, but they are not directly connected to each other. From SRX-HQ, I can access the internal network of SRX-B.
I would like to know if there is a way to configure SRX-HQ so that SRX-A can also access the internal network of SRX-B. I am seeking a simple solution that doesn't require additional configuration on SRX-A or SRX-B, such as with hub-and-spoke or direct tunnel connections.
This is important because there are many other SRX routers connected to SRX-HQ, and they should also be able to access SRX-B through SRX-HQ. Additional configurations on SRX-HQ and other SRX routers are not an issue since I have control over them, but SRX-B is not under my control. Therefore, I need a minimalistic approach for configuration to ensure all SRX routers can access the SRX-B network (server on private network).
Is there any method, such as destination NAT, that can provide secure access to the internal server at SRX-B only for these specific routers, without involving extensive configuration? I am unsure how cooperative the administrators of SRX-B will be.
Thank you for your assistance!
------------------------------
Selvedin Prijic
------------------------------