[j-nsp] SRX Adding Second ISP
Maarten van der Hoek
maarten at vanderhoek.nl
Wed Feb 19 11:11:56 EST 2014
Hi Tim,
Make sure the 2nd ISP has it's own routing-engine, furthermore use Firewall
filters to make sure traffic goes to the right engine...
(and of course the NAT-ing of ashish)
Brgds,
Maarten
-----Oorspronkelijk bericht-----
Van: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] Namens ashish
verma
Verzonden: dinsdag 18 februari 2014 11:21
Aan: Tim Donahue
CC: juniper-nsp
Onderwerp: Re: [j-nsp] SRX Adding Second ISP
May be something like below would help.
show configuration security nat
source {
pool isp-1 {
address {
x.x.x.x/x;
}
}
pool isp-2 {
address {
y.y.y.y/y;
}
}
rule-set TRUST-TO-UNTRUST {
from zone TRUST;
to zone UNTRUST;
rule nat-isp1 {
match {
source-address [ server-ip1 server-ip2 ];
}
then {
source-nat {
pool {
isp-1;
}
}
rule nat-isp2 {
match {
source-address [ server-ip3 server-ip4 ];
}
then {
source-nat {
pool {
isp-2;
}
}
}
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list