I have an SRX240 and am trying to learn Junos the best that I can; however, I have reached my googling capabilities and simply cannot figure out NAT!
Topology:
modem -> ge-0/0/0(untrust) -> ge-0/0/2(trust)
I have a basic internal-to-external NAT configured that works fine:
set security nat source rule-set internal-to-internet description "NAT anything from trust zone to untrust (LAN to Internet)"
set security nat source rule-set internal-to-internet from zone trust
set security nat source rule-set internal-to-internet to zone untrust
set security nat source rule-set internal-to-internet rule internet-access match source-address 0.0.0.0/0
set security nat source rule-set internal-to-internet rule internet-access match destination-address 0.0.0.0/0
set security nat source rule-set internal-to-internet rule internet-access then source-nat interface
However, any time I attempt to create a destination NAT to forward a port, it breaks ping to my external interface.
set security nat destination pool siege address 10.x.x.x/32
set security nat destination pool siege address port 6015
set security nat destination rule-set internal-to-wan from zone untrust
set security nat destination rule-set internal-to-wan rule siege-wan match destination-address 73.x.x.x/32
set security nat destination rule-set internal-to-wan rule siege-wan then destination-nat pool siege
Any help would be appreciated. I have confirmed that my security policies are not causing this break, as ping works correctly as long as the destination NAT is not in place. I have attached my scrubbed configuration, blanking out important details such as login information / password hashes / IP address information. Thanks for any help offered.