hi,
i have configured a static nat on our srx and mapped ine of the public ip to internal ip at the zone LAN.
On the srx there several zones configured and I cant reach that static nat public ip.
Zones are configured on on physical interface ge-0/0/0. Each zone is setup on diffrent vlan.
Zones:
security-zone GROSSE ge-0/0/0.6
security-zone DEMO ge-0/0/0.4
security-zone LAN ge-0/0/0.5
security-zone DMZ-QSC ge-0/0/0.2
Interfaces:
ge-0/0/0 {
vlan-tagging;
unit 2 {
vlan-id 2;
family inet {
address xxx.xxx.xxx.210/28;
unit 5 {
description LAN;
vlan-id 5;
family inet {
address 192.168.1.254/24;
}
}
unit 6 {
description GROSSE;
vlan-id 6;
family inet {
address 192.168.31.254/24;
}
}
show security nat static:
rule-set STATIC-3CX {
from zone untrust;
rule rule-static-3CX {
match {
destination-address xxx.xxx.xxx.212/32;
}
then {
static-nat {
prefix {
192.168.1.200/32;
}
}
}
}
}
I have tried this https://kb.juniper.net/InfoCenter/index?page=content&id=KB17448&cat=SRX_5800_1&actp=LIST
but it still not work from other zones.
waiting for some hints.
regards
ed