Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
Juniper
Juniper SRX destination NAT with multiple ISP's
Staunchy
Hi,
I was wondering if anyone here have implemented destination nat with multiple ISP's on a SRX with a default route for traffic from internal to outbound pointing to only 1 ISP?
So far the only way I managed to get this to work is to have default routes with the same preference point to all 4 ISP’s and export all 4 default routes to the forwarding table. All the interface are in the same security zone with destination NAT and then use routing-instances type forwarding to force traffic from internal to outbound over ISP 1 but I feel this way is clunky.
Find more posts tagged with
Comments
zoidberg
Can you explain your routing-instance configuration? How many are you using, what are they there for, etc?
Are all the ISPs in the same routing-instance? Same zone or different zones?
It sounds like you're your exporting 4 default routes into the forwarding-table. This is normally used for load balancing. Is this what you're trying to accomplish? Because it sounds like even though you have 4 routes out, you want to force all traffic to use a single route out. If that's the case, could you just adjust the route metrics to prefer the ISP 1 route? Or is that solution causing an issue with return traffic coming from the other ISPs?
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
