Is it possible on a vSRX to do the following with NAT:
match destination 1.1.1.1/32 port 2222 from interface 1 in VRF A
DNAT action 2.2.2.2/32 port 22 to interface 2 in VRF B
without having a route in VRF A 2.2.2.2/32 next-table VRF B
and without having a route in VRF B to 0.0.0.0/0 next-table VRF A?
The use case is that I have a Juniper vSRX connected to an AWS public gateway. The vSRX has a management interface in VRF A and public and private interfaces in VRF B (the management and public interfaces both have default routes to the AWS public gateway). I want to SSH to a host on the private subnet through the management interface by use of NAT.