Re: [j-nsp] SRX3600 and NAT

Thu, 26 Apr 2012 18:47:38 -0700 

This is from JunOS 10.1 product information: 
http://www.juniper.net/techpubs/en_US/junos10.1/information-products/topic-collections/release-notes/10.1/topic-42300.html

-----------------------------------------------------------------------------
The following describes the maximum numbers of NAT rules and rule sets 
supported:

    For static NAT, up to 32 rule sets and up to 256 rules per rule set can be 
configured on a device.
    For destination NAT, up to 32 rule sets and up to 8 rules per rule set can 
be configured on a device.
    For source NAT, the following are the maximum numbers of source NAT rules 
that can be configured on a device:
        512 for J Series, SRX100, and SRX210 devices
        1024 for SRX240 and SRX650 devices
        8192 for SRX3400, SRX3600, SRX5600, and SRX5800 devices

These are systemwide maximums for total numbers of source NAT rules. There is 
no limitation on the number of rules that you can configure in a source NAT 
rule set as long as the maximum number of source NAT rules allowed on the 
device is not exceeded.
-----------------------------------------------------------------------------

Looks like this is shared across virtual routers.


James S. Smith Network and Security Architect
WIND Mobile 207 Queen's Quay West, Suite 710 Toronto, ON M5J 1A7
Email: [email protected]
Direct: 416-640-9792
Fax: 416-987-1203
www.windmobile.ca 
www.twitter.com/WINDmobile 
www.facebook.com/WINDmobile
  
THAT'S THE POWER OF WIND
-----Original Message-----
From: Tomas Lynch [mailto:[email protected]] 
Sent: Thursday, April 26, 2012 6:23 PM
To: James S. Smith
Cc: [email protected]
Subject: Re: [j-nsp] SRX3600 and NAT

I have 6 SPUs.

On Thu, Apr 26, 2012 at 7:17 PM, James S. Smith <[email protected]> wrote:
> How many SPU cards do you have in the box?
>
> I'd be interested to know other people's experiences with the application 
> inpsection for various databases.  I usually turn the ALG for the off because 
> the DBAs complain that long queries are get terminated, even after tweeking 
> the timeouts.
>
>
>
> ----- Original Message -----
> From: Tomas Lynch [mailto:[email protected]]
> Sent: Thursday, April 26, 2012 06:14 PM
> To: [email protected] <[email protected]>
> Subject: [j-nsp] SRX3600 and NAT
>
> I'm looking for some info on SRX3600:
>
> How many static and dynamic NATs are supported per box and per virtual
> router on a SRX3600?
> Which are the flow inspection average and maximum time?
> Which are the OS and database systems that this firewall protects?
>
> Thanks,
>
> TL
> _______________________________________________
> juniper-nsp mailing list [email protected]
> https://puck.nether.net/mailman/listinfo/juniper-nsp

_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp

Reply via email to