This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SNAT RANGE IP avec 1:1 NAT

Bonjour,

I need to set up a SNAT for a range of IP 192.168.2.0/24 to a 10.35.40.0/24.

Except that it is absolutely necessary that the IPs 192.168.2.0/24 be translated in 10.42.2.0/24 with the constraint to have the correspondence between the 2 networks:

192.168.2.145 -> 10.42.2.145

192.168.2.201 -> 10.42.2.201

192.168.2.12 -> 10.42.2.12

I have already implemented this SNAT on my old hardware JUNIPER I just replaced by a SOPHOS XG.

I tried a lot of things on the XG but nothing to do.

JUNIPER SRX240 configuration:

pool DEV-to-BM {
address {
10.42.2.0/32 to 10.42.2.254/32;
}
host-address-base 192.168.2.0/32;
port {
no-translation;
}
}

address private-office-network 192.168.2.0/24;

rule-set trust-to-BM {
from zone trust;
to zone Beaumanoir;
rule snat-dev-to-BM {
match {
source-address-name private-office-network;
}
then {
source-nat {
pool {
DEV-to-BM;
}
}
}
}

Thank in advance.

This thread was automatically locked due to age.

0 Guillaume PODGORSKI over 7 years ago

Hi,

Nobody can help me ?

Best regards,

Guillaume
Cancel
Vote Up 0 Vote Down

Cancel
0 rfcat_vk over 7 years ago in reply to Guillaume PODGORSKI

Hi,

please post your rule. Assumption is traffic is all one way 192 ->10?

If this is a business user then you should be talking to your reseller/partner for support.

These are guesses.

Removed incorrect information

Or you could try source lan 192 destination lan 10 any service MASQ

This is more likely to work. You can write your own NAT rule and use that in your firewall rule.

Ian
Cancel
Vote Up 0 Vote Down

Cancel