The ZT appliances are running Ubuntu 20.04 LTS. Yeah… I believe the Juniper was randomizing ports given the config from my original post. I think I just managed to fix this with explicit persistence.

    source {
        pool ZT {
            address {
                1.2.3.4/32;
            }
            port {
                no-translation;
            }
        }
        { ... }
        rule-set EdgeNAT {
            from zone EdgeNAT;
            to zone Internet;
            rule EdgeNAT_to_Internet {
                match {
                    source-address 192.168.5.10/32;
                }
                then {
                    source-nat {
                        pool {
                            ZT;
                            persistent-nat {
                                permit any-remote-host;
                                address-mapping;
                                max-session-number 65536;
                            }
                        }
                    }
                }
            }
            rule default {
                match {
                    source-address 192.168.5.0/24;
                }
                then {
                    source-nat {
                        interface;
                    }
                }
            }
        }
    }

I’ve pushed past the 2-hour mark and things still seem stable.