Need Master to figure out problem pls



  • It is please to ask all…I follow the guide to setup SRXH100

    JUNOS 10.4R8.5 BIOS 2.0

    My WAN IP is 113.28.0.124 -> SP-0/0/0.0  ; GW 113.28.0.126
    LAN 192.168.100.1 - >  fe-0/0/0.0

    I follow many post to do but still cannot get on internet .

    What I did
    1.Setup SP-0/0/0.0 - > 113.28.0.124/28
    2.Add router , with default G.W router 0.0.0.0/0 Next-hop 113.28.0.126
    3.Config Security Zone Trust -> fe-0/0/0.0 , Untrust - > SP-0/0/0.0
    4 Security Policy Allow From trust ( ANY ) to Untrust ( ANY) , Permit
    5 Source NAT From Trust ( 0.0.0.0/0) to Untrust ( IP field blank )  , Action -> Do Source NAT with Engreee Interface
    6 Security Policy , Trust to Untrust , Action " Permit , NAT Translation "Drop packets with translate address "



  • maybe make the natting as simple as it is first…
    from my configuration back home, below;
    routing-options {
        static {
            route 0.0.0.0/0 next-hop X.X.X.X;

    security {
        nat {
            source {
                rule-set trust-to-untrust {
                    from zone trust;
                    to zone untrust;
                    rule source-nat-rule {
                        match {
                            source-address 0.0.0.0/0;
                        }
                        then {
                            source-nat {
                                interface;

    or tried the proxy arp on your untrust interface…

    tia,
    winters



  • I really like your way of expressing the opinions and sharing the information. It is good to move as chance bring new things in life, paves the way for advancement, etc.70-668//70-685//70-686//1z0-007//1z0-042//ISC2//9l0-008//HP0-Y12//646-206//HP2-Z21//CISSP//1z0-043


 

39
Online

38.5k
Users

12.7k
Topics

44.5k
Posts