Monday, February 12, 2018

Juniper SRX NAT question

Hi all,

I've tried to google it a little, but I wasn't able to find an answer to this one. I've tried to configure it via Junos Space using my own logic, but without success, so I'm probably missing something or it's not technically possible.

The scenario is the following: a Juniper SRX300 cluster sits on the border with the internet. It has an inside interface (trust = 10.1.1.1) and an outside interface (untrust). The untrust side knows the routing back to my private subnets behind trust.

I would like to use the firewall's inside address as the NAT address. In other words, whenever I send traffic with a destination of, e.g., "10.1.1.1:1111", I would like the firewall to translate the IP address and the port (to, e.g., 8.8.8.8:80) and send it according to the routing/policy to the untrust.

Technically I don't see any showstopper, but apparently my SRX thinks that anything destined to its inside address should be handled by the Control/Management plane and not by the Data plane. Thus telnet to 10.1.1.1:1111 fails for me. Anything I'm missing?


