Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 4090 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SNAT RANGE IP avec 1:1 NAT

Guillaume PODGORSKI

Bonjour,

 

I need to set up a SNAT for a range of IP 192.168.2.0/24 to a 10.35.40.0/24.

Except that it is absolutely necessary that the IPs 192.168.2.0/24 be translated in 10.42.2.0/24 with the constraint to have the correspondence between the 2 networks:

192.168.2.145 -> 10.42.2.145

192.168.2.201 -> 10.42.2.201

192.168.2.12 -> 10.42.2.12

I have already implemented this SNAT on my old hardware JUNIPER I just replaced by a SOPHOS XG.

I tried a lot of things on the XG but nothing to do.

 

  JUNIPER SRX240 configuration:

pool DEV-to-BM {
    address {
        10.42.2.0/32 to 10.42.2.254/32;
    }
    host-address-base 192.168.2.0/32;
    port { 
        no-translation;
    }
}

address private-office-network 192.168.2.0/24;

rule-set trust-to-BM {
    from zone trust;
    to zone Beaumanoir;
    rule snat-dev-to-BM {
        match {
            source-address-name private-office-network;
        }
        then {
            source-nat {
                pool {
                    DEV-to-BM;
                } 
           }
       }
}

Thank in advance.



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Guillaume PODGORSKI

    Hi,

    please post your rule. Assumption is traffic is all one way 192 ->10?

    If this is a business user then you should be talking to your reseller/partner for support.

    These are guesses.

    Removed incorrect information

    Or you could try source lan 192 destination lan 10 any service MASQ

     

    This is more likely to work. You can write your own NAT rule and use that in your firewall rule.

    Ian