I have 50+ specific /32 IPs that I need to inline-nat from private to public IPs. How can I add that many into my setup? I'm using an MX480 with two MPC 3D 16x 10GE line cards.
I'm using a service set:
service-set STATIC-SRC-NAT-1 {
    nat-rules SRC-NAT-RULE;
    next-hop-service {
        inside-service-interface si-0/1/0.100;
        outside-service-interface si-0/1/0.200;
    }
}
with the nat rules:
rule SRC-NAT-RULE {
    match-direction input;
    term t1 {
        from {
            source-address {
                10.54.0.109/32; # <-- an issue here
            }
        }
        then {
            translated {
                source-pool STATIC-NAT-PUBLICS; # <-- Wish I could use a prefix-list...
                translation-type {
                    basic-nat44;
                }
            }
        }
    }
}
With this, I can set source to a /24 and have a public /24 in the source pool (and that works), but I need a lot of explicit private /32 to public /32. The from { source-address } won't let you have more than one entry. The same goes with: from { source-prefix-list }. And even if I could there, I can only have 32 entries max in a NAT pool.
Ideally, I wish I could have 2 prefix lists with all the /32s I could want in each, and have them match up 1:1. :/ Any suggestions?