Quantcast
Channel: All SRX Services Gateway posts
Viewing all articles
Browse latest Browse all 17645

Re: Route problem from trust VLAN to external gateway

$
0
0

Hi,

The traffic is not being source-nat.

Could you try pinging from a host instead of the SRX interface and capture the show security flow session.

You could also perhaps specify the LAN subnet [10.0.3.x/x] to match the source-address for the source-nat.

 

Also, the traffic is matching self-traffic-policy:

Session ID: 20765, Policy name: self-traffic-policy/1, Timeout: 42, Valid
  In: 10.0.3.1/1 --> 66.117.151.5/15860;icmp, If: .local..0, Pkts: 1, Bytes: 84
  Out: 66.117.151.5/15860 --> 10.0.3.1/1;icmp, If: vlan.2, Pkts: 0, Bytes: 0

Cheers,

 

Ashvin

 


Viewing all articles
Browse latest Browse all 17645

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>