Hi Team,
I have 4 backend servers listening on port 137. I have source-nat interface configured for accessing these.
set security nat source rule-set rule-set1 rule rule1 match source-address 0.0.0.0/0
set security nat source rule-set rule-set1 rule rule1 match destination-address 0.0.0.0/0
set security nat source rule-set rule-set1 rule rule1 match destination-port 137
set security nat source rule-set rule-set1 rule rule1 then source-nat interface
My policy allows access to 4 servers.
10.31.11.71/32
10.31.11.72/32
10.31.11.73/32
10.31.11.74/32
Apart from server # 2 (10.31.11.72/32) all the others work just fine. All 4 are part of a address-set and are called in the policy as an address-set.
My log server has the following notification:-
reason="source NAT allocation failure"
The log message explanation says:-
“SPU received ACK message from the central point but failed to receive the DIP resource”
Model: srx3600
JUNOS Software Release [12.1X44-D45.2]
Has anyone else faced this? and how to work around this?
Regards,
Anand