[j-nsp] ns-50 NAT problem
Andrew Mulheirn
Andrew.Mulheirn at telindus.co.uk
Tue Jul 17 09:14:37 EDT 2007
Hi there,
>From past experience, we've found it impossible to get the Netscreen to
do this. It can't use anything other than a MIP or the egress interface
of the box. I think is is an architectural thing - NAT is configured
around an interface in ScreenOS.
In this respect it differs from a PIX, where translations don't need to
be tied to the interface in any way - they're simply specified in the
"ip nat ..." statements.
Sorry to disappoint...
Andrew
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Gabriel
Sent: Tuesday, July 17, 2007 1:23 PM
I am having problems configuring a nat on a netscreen 50. Basically I
have two interfaces facing the web with two different types of links and
an internal interface facing the office. What I would like to do is have
the NAT use a loopback IP on the netscreen as the translation IP...but
for some reason this doesn't work. The only way I have been able to make
it work is by binding the NAT IP to one of the external interfaces...but
this is not what I want since I would like my configuration to be
redundant so that if one of my external interface fails...I'm still
online.
This e-mail is private and may be confidential and is for the intended recipient only. If misdirected, please notify us by telephone and confirm that it has been deleted from your system and any copies destroyed. If you are not the intended recipient you are strictly prohibited from using, printing, copying, distributing or disseminating this e-mail or any information contained in it. We use reasonable endeavours to virus scan all e-mails leaving the Company but no warranty is given that this e-mail and any attachments are virus free. You should undertake your own virus checking. The right to monitor e-mail communications through our network is reserved by us.
More information about the juniper-nsp
mailing list