[j-nsp] SRX240 junos 10.3 nat missbehavior?
Stefan Fouant
sfouant at shortestpathfirst.net
Fri Apr 29 19:28:32 EDT 2011
Show us the configs...
Stefan Fouant
GPG Key ID: 0xB4C956EC
Sent from my HTC EVO.
----- Reply message -----
From: "Correa Adolfo" <acorrea at mcmtelecom.com.mx>
Date: Fri, Apr 29, 2011 6:55 pm
Subject: [j-nsp] SRX240 junos 10.3 nat missbehavior?
To: "juniper-nsp at puck.nether.net" <juniper-nsp at puck.nether.net>
ge-0/0/0 is untrust, access to the internet
ge-0/0/3 and ge-0/0/2 trust, port mode access, vlan "x" id 3, l3 vlan.0
Source nat configured "source-nat interface"
Policies "Trust to untrust" and "untrust to trust" any any any permit
Device on ge-0/0/3 can ping device at ge-0/0/0
Laptop at ge-0/0/2 can surf the internet and shows correct ge-0/0/0 ip when consulted at whatsmyip
However a l3 throughput test cannot be done neither a rfc2544 between device at ge-0/0/3 (loop) and device ge-0/0/0 (source).
Monitoring interfaces I can see the traffic arriving at ge-0/0/0 but not being forwarded to ge-0/0/3, routes are correctly installed as the ping and internet surfig shows.
Any idea?
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list