Solved: Re: NAT between SRX and Cisco

Johnson_Mo · ‎06-04-2024

Cisco warriors, I need help with this please!

I have SRX doing proxy-arp 192.168.0.0/16 with directly connected to cat 9300 cisco

I want to put another SRX in between as a layer 3 for extra security. is there a way to keep the same IP address for the VLANs on cat 9300?

thanks in advance!

Johnson_Mo · ‎06-05-2024

resolved the issue by using 192.168.0.0/24 between cisco switch and the new SRX

thanks team for responding!

View solution in original post

MHM Cisco World · ‎06-04-2024

You can config BVI in new SRX that make SW and old SRX in same subnet and you can put some secuirty in new SRX

MHM

Johnson_Mo · ‎06-05-2024

we need to nat on the new srx so it has to be L3 device. Also, BVI is not supported in SRX only Translational cross connect is supported and required to be in packet mode.

paul driver · ‎06-04-2024

Hello
Why not put the new SRX in transparent mode, thus you keep the addressing as it is but you have the extra security in-between?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Johnson_Mo · ‎06-05-2024

we need to nat Multicast add on the new SRX not on the old one to avoid cpu utilization.

Johnson_Mo · ‎06-05-2024

resolved the issue by using 192.168.0.0/24 between cisco switch and the new SRX

thanks team for responding!