The policy looks good, but your nat isn't translating. You have 0
translation hits. Your destination address is never changed to
192.169.1.214 which is why your policy is never invoked. Is 192.168.1.214
reachable from the SRX? I would say check previous nat rules, but the
position of this one i
l Message -
From: "ben b"
To: "Brendan Mannella"
Cc: "Scott T. Cameron" , "juniper-nsp"
Sent: Tuesday, June 22, 2010 1:32:52 PM
Subject: Re: [j-nsp] SRX Config Question
If the results of the "show security policies detail" operational
If the results of the "show security policies detail" operational command
show the policies in the right order and allowing the right ports and "show
security nat static rule 214" looks like it's natting correctly, and
removing the periods doesn't fix it, the only thing I can think of is that
192.1
- Original Message -
From: "ben b"
To: "Brendan Mannella"
Cc: "Scott T. Cameron" , "juniper-nsp"
Sent: Monday, June 21, 2010 4:19:32 PM
Subject: Re: [j-nsp] SRX Config Question
the rule-set won't be "natting", it'll be whatever
e untrust... I will double
> check and update the list.
>
>
>
>
>
> - Original Message -
> From: "ben b"
> To: "Brendan Mannella"
> Cc: "Scott T. Cameron" , "juniper-nsp" <
> juniper-nsp@puck.nether.net>
> Se
niper-nsp"
Sent: Monday, June 21, 2010 4:10:43 PM
Subject: Re: [j-nsp] SRX Config Question
I noticed you didn't include all of the nat config.make sure you have the
"from-zone" configured for the static nat rule-set...
- Original Message -
From: &
412.224.4333 x303
>> Toll-Free: 866.583.6338
>> Mobile: 412-592-7848
>> Efax: 412.202.7094
>>
>>
>>
>> - Original Message -
>> From: "Scott T. Cameron"
>> To: "juniper-nsp"
>> Sent: Monday, June 21, 2010 1:35:
: "Scott T. Cameron"
> To: "juniper-nsp"
> Sent: Monday, June 21, 2010 1:35:06 PM
> Subject: Re: [j-nsp] SRX Config Question
>
> Your rules actually seem fine at a glance. Are those the only rules in
> your
> system? No deny that might otherwise be blocki
: 412.202.7094
- Original Message -
From: "Scott T. Cameron"
To: "juniper-nsp"
Sent: Monday, June 21, 2010 1:35:06 PM
Subject: Re: [j-nsp] SRX Config Question
Your rules actually seem fine at a glance. Are those the only rules in your
system? No deny that might other
net] On Behalf Of Brendan Mannella
>>> Sent: Monday, June 21, 2010 11:20 AM
>>> To: juniper-nsp
>>> Subject: [j-nsp] SRX Config Question
>>>
>>> So main issue is the firewall does not seem to allow any incoming traffic
>>>
>> on
>>
>&g
0 11:20 AM
To: juniper-nsp
Subject: [j-nsp] SRX Config Question
So main issue is the firewall does not seem to allow any incoming
traffic
on
the ports i opened below on the policies. Anyone have any ideas
what i am
missing?
Hi Brendan,
How are things? I could be wrong, but I believe the issu
> -Original Message-
> From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-
> boun...@puck.nether.net] On Behalf Of Brendan Mannella
> Sent: Monday, June 21, 2010 11:20 AM
> To: juniper-nsp
> Subject: [j-nsp] SRX Config Question
>
> So main issue is the f
Have a SRX210 that i am migrating to from a NS-5GT. We used a bunch of MIPs and
of course policies to allow numerous port to those MIPs on our NS-5GT. Now
converting to the SRX, i seem to have most everything correct, but the SRX does
not allow any of my "allow" policies to work.
The inter
13 matches
Mail list logo