Can I create multiple NAT pools in the MX84. I have 2 VLANS into the MX and need to NAT each VLAN to a different Public IP address so they are routing properly. Thank you!
Solved! Go to solution.
You can not have different NAT pools.
As @AjitKumar noted you can direct traffic to a specific WAN interface - but this does require you to use two WAN/Internet circuits.
Maybe you could consider using AutoVPN to wherever this other firewall is located, so that it can see the original IP addresses of the devices.
Hi
I hope you are referring to following features.
1) Flow preferences
Security appliance->Traffic Shaping
2) NAT & Port Forwarding
Security appliance->Firewall
The customer wants to bring a data vlan and a voice vlan in the MX and NAT each VLAN to a different public IP address since data needs to be sent to one DC and vocie to another DC. In an ISR I can do this with ease. I would like to avoid putting the MX in passthrough mode since I heard that with a public address and passthough mode is a security risk with out an edge firewall. The 3rd option I guess would be to get the beta release and try to route with no NAT.
Forgot to mention that routing is not the problem. The firewalls at the DC's need to see a certain source addresses. If we NAT to all one address they will have to change their FW rules.
I assume the voice and data VLANs that they want to bring in are public IP space or no?
You can not have different NAT pools.
As @AjitKumar noted you can direct traffic to a specific WAN interface - but this does require you to use two WAN/Internet circuits.
Maybe you could consider using AutoVPN to wherever this other firewall is located, so that it can see the original IP addresses of the devices.