[j-nsp] IPSec vs SRX packet flow

Network Geek network.nerdd at gmail.com
Mon Jul 10 21:58:15 EDT 2017


My users are sitting in which need need to access
applications at the other side of an SRX via route-based IPSec configured
on SRX with source proxy-ID

So I need to NAT all to

I can not find reference confirming if source NAT (and security policy)
will be processed before the IPSec. Can anyone shed some light on this?

If IPSec comes first, and any advise on how to get my users initiate the
IPSec without involving another device?


More information about the juniper-nsp mailing list