Re: [j-nsp] Internet access SRX

Ben Hammadi, Kayssar (NSN - TN/Tunis) Wed, 23 Oct 2013 23:19:35 -0700

Hi Mohammad, 

 You need to add " from routing-instance default" on the normal NAT rule, it 
work for me on 10.4 :



NSN@TSA3-GIFWA9002# show security nat source rule-set rs-trust_2_untrust 
from zone TRUST;
to zone UNTRUST;
rule nat-trust_2_untrust_10_0 {
    match {
        source-address " lo0 " ;
    }
    then {
        source-nat {
            pool {
                internet-pool;
            }
        }
    }
}

set security nat source rule-set Jtac from routing-instance default

Br.

BEN HAMMADI Kayssar
 
NOKIA SIEMENS NETWORKS
Lead Engineer -BroadBand Connectivity
JNCIE-M (#471), JNCIE-SP (#1147), CCIP 
Mobile : +216 29 349 952  /  +216 98 349 952


_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Internet access SRX

Reply via email to