JN0-230 Exam QuestionsBrowse all questions from this exam
Go to Exam

JN0-230 Exam - Question 3

Click the Exhibit button.

You have configured source NAT using an address pool as shown in the exhibit. Traffic is reaching the 203.0.113.6 server but return traffic is not being received by the SRX Series device.

Which feature must be configured to allow return traffic to be accepted by the SRX Series device?

Show Answer
Correct Answer: A

The problem described involves return traffic not being received by the SRX Series device after a source NAT operation. This can occur when the router does not know how to reach the IP address of the NAT pool used. Proxy ARP resolves this by responding to ARP requests on behalf of the NAT addresses, allowing return traffic to be correctly routed to the SRX Series device. Thus, proxy ARP must be configured to allow the return traffic to be accepted.

Discussion

4 comments
Sign in to comment
flameofbattleOption: A
Feb 21, 2021

Correct A

Clxxcv420
May 6, 2021

Question doesnt give information about Proxy ARP has been configured, it had been already configured if you look on SRC/DST Address space. Right Answer is DST NAT. (Actually port forwarding is more securely correct answer).

Clxxcv420
May 6, 2021

https://www.juniper.net/documentation/us/en/software/junos/nat/topics/topic-map/security-nat-destination.html #set security address-book global address server-1 10.10.101.10 #set security policies from-zone untrust to-zone trust policy server-access match source-address any #set security policies from-zone untrust to-zone trust policy server-access match destination-address server-1 #set security policies from-zone untrust to-zone trust policy server-access match application any #set security policies from-zone untrust to-zone trust policy server-access then permit

axxo2009
Jun 17, 2021

Answer should be A. It should be Proxy ARP. Proxy ARP should be manually configured. here interface IP and source NAT IP are in same subnet. so return ARP traffic will not know MAC address of translated NAT address unless u configured ARP.

TT98Option: A
Oct 12, 2021

The question does not seem to give enough info unfortunately. Proxy ARP is only necessary when exit interface is in same subnet as NAT pool. Nevertheless, proxy ARP (A) should be the correct answer because the other answers don't make sense in this context.

sheki2005Option: A
Jul 11, 2022

correct answeer is A as well and not destination NAT

JaredMOption: A
Feb 24, 2024

Answer should be A