Hi -
I have a pair of redundant MX-450 firewalls (one license, two units), with a virtual IP between them, and separate public IP addresses for each physical unit.
Also have various static NATs.
I have a /26 public subnet from my ISP, so I have additional public IP addresses I can use.
Is it possible to have various internal subnets be nat/port address translated to separate public IP addresses
'on the way out' through the MX?
ie -
Internal hosts
10.25.0.0/15 > nat outbound to 182.141.252.14/32 (not my real IP, but.. you get the drift)
Guest network
192.168.25.0/23 > nat outbound to 182.141.252.214/32 (again...not mine, just an example)
In an ASA, this would look like
nat (inside) 1 10.25.0.0/15
global (outside) 1 182.141.252.14/32
for the internal traffic above
and for guest
nat (guest-dmz) 2 192.168.25.0/23
global (outside) 2 182.141.252.214/32
How can I do something similar with the MX-450?
We desperately need for our internal traffic to be "appearing" on the public Internet from one public IP
and our guest traffic to "appear" on the Internet from a different IP.
Thanks Tim
