
The problem with NAT and version


I have a simple test config on an SRX210:

 

/* Physical and logical interfaces. Only fe-0/0/2 (inside, 192.168.52.0/24) and
   fe-0/0/7 (ISP-1 uplink, 192.168.230.0/24) carry addresses; every other port
   is administratively disabled. */
interfaces {
    ge-0/0/0 {
        disable;
    }
    ge-0/0/1 {
        disable;
    }
    /* Inside interface; bound to security-zone trust further down. */
    fe-0/0/2 {
        unit 0 {
            family inet {
                address 192.168.52.1/24;
            }
        }
    }
    fe-0/0/3 {
        disable;
    }
    fe-0/0/4 {
        disable;
    }
    fe-0/0/5 {
        disable;
    }
    fe-0/0/6 {
        disable;                       
    }
    /* Uplink; bound to security-zone untrust. Its address is what the
       interface-based source NAT rule translates inside hosts to. */
    fe-0/0/7 {
        description ISP-1;
        unit 0 {
            family inet {
                address 192.168.230.133/24;
            }
        }
    }
    /* Loopback carries only 127.0.0.1/32; it is not placed in any zone in this listing. */
    lo0 {
        unit 0 {
            family inet {
                address 127.0.0.1/32;
            }
        }
    }
}
/* Single static default route. The next hop 192.168.230.1 lies in the
   fe-0/0/7 subnet, so all non-local traffic leaves through the ISP-1 uplink. */
routing-options {
    static {
        route 0.0.0.0/0 next-hop 192.168.230.1;
    }
}
/* Spanning tree is enabled with no further options set in this listing. */
protocols {
    stp;
}
/* Firewall section: flow tuning, screen (IDS) options, source NAT,
   zone-to-zone policy and zone definitions. */
security {
    flow {
        /* TCP MSS setting for IPsec VPN traffic; no VPN is defined in this listing. */
        tcp-mss {
            ipsec-vpn {
                mss 1350;
            }
        }
    }
    /* Screen profile; it is attached only to security-zone untrust below,
       so traffic arriving from trust is not screened. */
    screen {
        ids-option untrust-screen {
            icmp {
                ping-death;
            }
            ip {
                source-route-option;
                tear-drop;
            }                          
            tcp {
                syn-flood {
                    alarm-threshold 1024;
                    attack-threshold 200;
                    source-threshold 1024;
                    destination-threshold 2048;
                    timeout 20;
                }
                land;
            }
        }
    }
    /* Source NAT for inside hosts going out the uplink: sources in
       192.168.52.0/24 are rewritten to the egress interface address. */
    nat {
        source {
            rule-set trust-to-untrust {
                from zone trust;
                to zone untrust;
                rule source-nat-rule {
                    /* NOTE(review): the rule matches only tcp, udp and icmp. The security
                       policy below permits any application, so traffic that fails this
                       match is still forwarded and would presumably leave fe-0/0/7 with
                       its private 192.168.52.x source. Confirm the protocol restriction is
                       intended. The rule's hit counter (show security nat source rule all)
                       shows whether outbound sessions are matching it. */
                    match {
                        source-address 192.168.52.0/24;
                        destination-address 0.0.0.0/0;
                        protocol [ tcp udp icmp ];
                    }
                    then {
                        source-nat {
                            interface;
                        }
                    }
                }
            }
        }
    }
    /* Only a trust -> untrust policy is defined; no untrust -> trust policy
       appears in this listing. */
    policies {
        from-zone trust to-zone untrust {
            /* Permits every source, destination and application outbound, with no
               session logging configured. NOTE(review): acceptable for a lab test;
               for production, narrow the match and add logging. */
            policy trust-to-untrust {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;            
                }
            }
        }
    }
    zones {
        /* Inside zone. All system services and protocols addressed to the
           device itself are accepted on fe-0/0/2.0. */
        security-zone trust {
            address-book {
                address LOCALNET 192.168.52.0/24;
            }
            host-inbound-traffic {
                system-services {
                    all;
                }
                protocols {
                    all;
                }
            }
            interfaces {
                fe-0/0/2.0;
            }
        }
        /* Outside zone on the ISP-1 uplink, with the untrust-screen profile applied. */
        security-zone untrust {
            screen untrust-screen;
            /* NOTE(review): ssh, https and cleartext http to the device, plus every
               host-inbound protocol, are accepted on the ISP-facing interface.
               Restrict these to what is actually needed on the uplink and prefer
               https over http for management. */
            host-inbound-traffic {
                system-services {
                    ssh;
                    ike;
                    ping;
                    https;
                    http;
                }
                protocols {
                    all;
                }
            }
            interfaces {
                fe-0/0/7.0;
            }
        }
    }
}

 

With version 12.1X46-D50.4 it is not working: on a host in the 192.168.230.0 network I see "untranslated" packets from 192.168.52.0.

With version 12.1X44-D30.4 it is OK: the packets are transmitted as 192.168.230.133.

 

 

