Re: Bridge tagged logical interfaces
Thanks for your help. I followed your configuration but it seems not working.I plugged in a computer at ge-0/0/3, then run root@SRX> monitor traffic layer2-headers no-resolve detail interface...
View ArticleClik here to view.
Single zone application firewall don´t work SRX210HE2
Hello team, I have SRX210HE2 on my client my version is JUNOS 12.1X46-D40.2 with idp-signature database My customer just want use a single zone (trust-to-trust) from the begining end customer required...
View ArticleRe: Bridge tagged logical interfaces
Hello,jilingshu wrote:Thanks for your help. I followed your configuration but it seems not working.I plugged in a computer at ge-0/0/3, My configuration assumes that the traffic entering this VPLS...
View ArticleRe: Broadcast Vlan
I was thinking in this scenario. If i receive one packet with 255.255.255.255 destiny address in a port with Vlan 11 and should I recive this broadcast throught one Vlan 13 for example?? Or if I...
View ArticleRe: Automatically generated static route for route-based site-to-site IPsec VPN
Thanks, how is that going to solve my problem? ... Junos will generate the second static route automatically with the same metric as the first one.
View ArticleRe: Automatically generated static route for route-based site-to-site IPsec VPN
Where st0.1 is 10.0.0.1/30 and st0.2 is 10.0.0.5/30 set routing-options static route a.b.c.d/24 next-hop 10.0.0.2 preference 5 set routing-options static route a.b.c.d/24 qualified-next-hop 10.0.0.6...
View ArticleRe: Automatically generated static route for route-based site-to-site IPsec VPN
Hello , I have checked in the LAB and found that , both VPN tunnels will come UP , but traffic will be passed to first tunnel that came UP . Before failover :root# run show route 5.5.5.5inet.0: 6...
View ArticleRe: Capture Traffic on USB Drive or Mount NFS ?
What command did you use to mount the nfs share? I keep getting 'Access Denied' error.thx
View ArticleRe: Bridge tagged logical interfaces
It must be tagged for both ge-0/0/0 and ge-0/0/3? I put an additional native-vlan-id 34;under interfaces/ge-0/0/3, can this eliminate tagging on ge-0/0/3?
View ArticleSRX 1 interface VPN head end possible?
hello I post hear a while back and now have my VPN configs solid, they are easly and pop right up. I'm doing a dynamic VPN config from SRX 210 to SRX240 SRX 210 > internet > FW > SRX 240...
View ArticleSRX5800 Reth0 LAG with Extreme Networks MLAG
Hi, We have a setup with a SRX5800 Chassis Cluster and we are doing a Reth LACP setup with Extreme Networks' MLAG. The connections are as below: 1. xe-10/1/0 -> Port 1 of Extreme Networks switch...
View ArticleRe: SRX5800 Reth0 LAG with Extreme Networks MLAG
Hi I am a little bit confused with your postingare you saying that you have one reth namely reth0and one vlan of that is connected to another cluster ?"specific reth0 (reth0.3622) which is connecting...
View ArticleRe: SRX5800 Reth0 LAG with Extreme Networks MLAG
Hi, Yes, I have only one reth interface (reth0) in my SRX5800 cluster and a specific vlan (vlan-id 3622) that is located in this SRX5800 cluster is also present in another SRX (SRX5600). They are...
View ArticleRe: SRX5800 Reth0 LAG with Extreme Networks MLAG
Both clusters use different cluster ID or atleast different reth interface? Just to make sure the MAC address are not the same. Reth MAC is derived from CLuster ID an Reth ID.
View ArticleRe: SRX5800 Reth0 LAG with Extreme Networks MLAG
Hi Suraj, Only the SRX5800 equipment is a cluster. The other SRX (SRX5600) is not a cluster. It has aggregated interfaces (ae) configured in it. Cheers,Nuno
View ArticleClik here to view.
configuring the VDSL2 PIM with point to point IP without using username or...
Hello I am trying to make the below setup, by using the VDSL2 pim instead of SHDSL one, without using username or password for authentication as there will be point to point IP from the PE to the...
View ArticleSub-interface with tagged VLAN in vSRX
Hi. It is possible to create tagged and untagged sub-interfaces simultaneously in vSRX?Something like these:ge-0/0/0 { unit 0 { family inet { address 192.168.2.100/24; } } unit 1 { vlan-id 10; family...
View ArticleRoute based VPN in and out same interface?
I'm configuring a VPN on a SRX550 that sits behind a SRX650. I *think* I have figured out the config for the VPN NATing out the other firewall. The piece I'm not sure will work is if I Have traffic...
View ArticleRe: Sub-interface with tagged VLAN in vSRX
Hi, The answer is no. U need to remove unit 0 if u want do vlan-tagging. Thanks
View ArticleClik here to view.
SRX 340 ports
Hi, Does anyone of you know which port become SRX340's Control Link (fxp1/em0??) in Cluster Mode. In need this piece of information to finish the LLD. Unfortunately neither DataSheet nor TechPub Doc...
View Article