No the session is not up , and I have changed the port to be 23 on both sides (junos-telnet) and still not working ?
On Thu, Nov 28, 2013 at 1:04 PM, Per Westerlund <p...@westerlund.se> wrote: > No, those source nat rules should have no effect on you problem. When the > inbound traffic matches (hopefully) the requirements, a complete flow is > set up. The return traffic automatically gets the proper nat handling to > match the inbound traffic. The outbound traffic will use source NAT that > matches the inbound destination NAT. > > The source NAT rules you showed only affect traffic initiate from the > trust zone, exiting to the untwist zone. > > Your problem is unfortunately somewhere else. > > Do you get a session set up at all (could be a problem at the target host)? > > show security flow session destination-prefix > 24.173.164.162/32destination-port 3333 > > It can be helpful to trace the flow setup to see if there is any traffic > at all, and where it fails. > > /Per > > 28 nov 2013 kl. 10:53 skrev Mohammad Khalil <eng.m...@gmail.com>: > > Yes , it's in place with no luck > set security nat source rule-set trust-to-untrust from zone trust > set security nat source rule-set trust-to-untrust to zone untrust > set security nat source rule-set trust-to-untrust rule nonat match > source-address 132.147.160.0/24 > set security nat source rule-set trust-to-untrust rule nonat match > destination-address 132.150.160.0/24 > set security nat source rule-set trust-to-untrust rule nonat then > source-nat off > set security nat source rule-set trust-to-untrust rule nonat2 match > source-address 132.147.160.0/24 > set security nat source rule-set trust-to-untrust rule nonat2 match > destination-address 10.6.1.0/24 > set security nat source rule-set trust-to-untrust rule nonat2 then > source-nat off > set security nat source rule-set trust-to-untrust rule source-nat-rule > match source-address 0.0.0.0/0 > set security nat source rule-set trust-to-untrust rule source-nat-rule > match destination-address 0.0.0.0/0 > set security nat source rule-set trust-to-untrust rule source-nat-rule > then source-nat interface > > Do the above configuration affect what am doing ? am not that expert in SRX > > > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp