Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] NAT rule limits on SRX Platforms

0

0

Article ID: KB14149 KB Last Updated: 13 Feb 2020Version: 9.0
Summary:

This article provides information about the NAT rule limits on SRX devices.

 

Solution:

The NAT rule limits for each SRX platform are listed below:

 

SRC NAT Rules

DST NAT Rules

Static NAT Rules

SRX100H2/110H2/210H2/220H2/240H2

1024

1024

6144

SRX300/320 2048 2048 4096
SRX340 2048 2048 2048
SRX345 2048 2048 4096

SRX550/650

1024

1024

6144

SRX550 HM 2048 2048 6144

SRX1400

8192

8192

8192

SRX1500 8192 8192 8192

SRX3400/3600

20480

20480

20480

  SRX4100/4200 20480 20480 20480
SRX4600 51200 51200 51200

SRX5600/5800

30720

30720

30720

vSRX-Small 1024 1024 1024
vSRX-Medium 4096 4096 6144
vSRX-Large 6144 6144 6144
vSRX-XL 8196 8196 8196
 

The current supported NAT values may also be verified by using the following CLI command:

show log nsd_chk_only | match NAT | match " = " 

Example

On SRX240H2:

root> show log nsd_chk_only | match NAT | match " = "
Source NAT rule number = 1024
Dest NAT rule number = 1024
Static NAT rule number = 6144
Interface NAT port ol factor = 64
Source NAT rule-set number = 1024
Dest NAT rule-set number = 1024
Static NAT rule-set number = 6144
Maximum Destination Address per Policy = (1 / 1024)

 

Modification History:

2020-02-13: Updated tables based on current SRX products

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search