Happy Saturday! Junos question for you. My public interface in Untrust zone is vlan.2 with IP (using examples here) 1.1.1.71. I use static NAT for 1.1.1.73 to 10.0.3.13/32.
I allow pings to untrust but since the 73 IP is static NATed and not the IP of the public interface, I can't ping it. Also can't RDP to 10.0.3.13 despite allowing RDP in untrust policy - again because the 73 public IP is not in a zone.
I can add interfaces to zones but not IPs.
So how do I allow services like ping and RDP to a static NATed address?
This is what I am researching today. Any ideas are welcome!
P.S. I am using proxy ARP too.