Thanks for the reply , I will try it and feed back ISA
BR,
Mohammad
On Thu, Oct 24, 2013 at 9:16 AM, Ben Hammadi, Kayssar (NSN - TN/Tunis)
kayssar.ben_hamm...@nsn.com wrote:
Hi Mohammad,
You need to add from routing-instance default on the normal NAT rule,
it work for me on 10.4 :
Hi Mohammad,
You need to add from routing-instance default on the normal NAT rule, it
work for me on 10.4 :
NSN@TSA3-GIFWA9002# show security nat source rule-set rs-trust_2_untrust
from zone TRUST;
to zone UNTRUST;
rule nat-trust_2_untrust_10_0 {
match {
source-address lo0 ;
Hi all
I have SRX and I have configured NAT on it with internet access with no
issues
My question is when you ping from the SRX itself using source {LAN} there
is no response even though there is internet access from the LAN clients ,
in Cisco there is response when you ping from the router or the
Check your nat rules to make sure that this self initiated traffic is being
NATted. If you have a restrictive nat rule then the traffic from the
firewall may not match the nat rules.
Also check the flows for the pings to see if nat is taking place
show security flow session protocol icmp
On
The normal NAT handling only works with transit traffic, not self-sourced
traffic.
With newer Junos, you can set up NAT rules using the zone junos-host to get
the wanted behaviour.
/Per
23 okt 2013 kl. 09:34 skrev Mohammad Khalil eng.m...@gmail.com:
Hi all
I have SRX and I have
junos-host appears first in version 11.4.
/Per
23 okt 2013 kl. 10:54 skrev Mohammad Khalil eng.m...@gmail.com:
I am having JUNOS Software Release [10.4R6.5] , I think the feature you are
talking about is not available yet right ?
No I do not have any policies or restrictions , all is
Thanks very much
BR,
Mohammad
On Wed, Oct 23, 2013 at 12:40 PM, Per Westerlund p...@westerlund.se wrote:
junos-host appears first in version 11.4.
/Per
23 okt 2013 kl. 10:54 skrev Mohammad Khalil eng.m...@gmail.com:
I am having JUNOS Software Release [10.4R6.5] , I think the feature you
I am having JUNOS Software Release [10.4R6.5] , I think the feature you are
talking about is not available yet right ?
No I do not have any policies or restrictions , all is allowed
BR,
Mohammad
On Wed, Oct 23, 2013 at 10:56 AM, Per Westerlund p...@westerlund.se wrote:
The normal NAT handling
8 matches
Mail list logo