Security

 View Only

  • 1.  fxp0's IP not accessible from outside subnets for SRX345 junos 22.4R1.10

    Posted 09-12-2023 10:44

    Fxp0 port is not able to access on SRX345 and for each commit getting an error as

    "[edit security]
      'nat'
        warning: Configuring NAT rule with match address 0.0.0.0/0 and source-nat/destination-nat off    adds default reject route, causing fxp0's IP not accessible from outside subnets.



    ------------------------------
    MEHROOF K A
    ------------------------------


  • 2.  RE: fxp0's IP not accessible from outside subnets for SRX345 junos 22.4R1.10

    Posted 09-27-2023 14:12

    Hello Mehroof,

    I am not sure how NAT is affecting your default route [Need more info around the configuration and topology] . 

    The fxp0 is designed to be a management port. That's why it does not fall under flow module (no flow lookup). 

    This means that traffic to & from fxp0 is NOT going to be  governed by the NAT rules.

    Can you provide more information around what you are trying to achieve ? It will help in answering your query.

    Thanks!