I have a case for @Timothy_Hall 🙂
We are running VSX R80.30.
There are 10 CoreXL instances, dynamic NAT (sk103656) and SXL NAT templates (sk71200) enabled by default in R80.30
Up until now we used gateway public IP (so single IP) to hide our traffic going to O365 and everything worked without any issues. Dynamic NAT feature handles "hide NAT, dest IP, proto" limitations perfectly.
Today we decided to change the NAT from single IP to IP range (sk140432). Never mind the reasons, but it still should work and technically make it better as we would have more IPs for hide NAT.
BUT! As the sun came up and people returned to work (despite corona virus), we started getting NAT hide failures in logs:
We had 20 IPs actually in the IP range. And SK156852 actually says to use port range instead of single IP 🙂 NOT!
The feeling I get with IP range enabled, "dynamic NAT" gets turned off / ignored and gateway returns to static port pools and they would be rather small with 10 FWK cores plus SXL NAT templates enabled.
Any other ideas?