The source address is translated because the traceoptions output shows that the source IP address 192.168.5.2 is translated to 192.168.100.1 and the source port 0 is translated to 14777. The traceoptions output also shows the flag flow_first_src_xlate, which indicates that this is the first time that source NAT is applied to this session.
The packet is an SSH packet because the traceoptions output shows that the application protocol is tcp/22, which is the default port for SSH. The traceoptions output also shows the flag flow_tcp_syn, which indicates that this is the first packet of a TCP connection.
References:
traceoptions (Security NAT) | Junos OS | Juniper Networks
[SRX] How to interpret Flow TraceOptions output for NAT troubleshooting
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit