[j-nsp] SRX240 Source Natting

Spam spam-me at fioseurope.net
Wed Sep 26 16:51:57 EDT 2012

Hey All,
Here's another SRX issue I'm having and need help on..
My SRX is connected on 3 Ports. Each in its own Security Domain and subnet.
Sec-Domain: Inside
Sec-Domain: Outside
Subnet: 59.xx.xx.xx/24  (Publicly Routed Addresses)
Sec-Domain: ISP
Subnet: 213.x.x.x/29 (Internet Uplink to ISP)
I need to have all subnets in the Inside Domain Source natted
for Internet access. I have tried to use the Outside interface/domain as the 
interface, but this didn't work. Nor did trying to use a nat Pool of 
59.x.x.x addresses
I have also tried the above on the ISP Domain/Interface with the Nat poll of 
But this also didn't work.  So whats the correct method for getting this to 
BTW, all 3 security domains have full trusts between them.
Big Thanks

More information about the juniper-nsp mailing list