Switching

  • 1.  Can not access EX2200 through VPN

    Posted 03-18-2014 08:56

    I cannot access our EX2200 at our branch office unless I remote connect into a system at that office.  The two sites are connected through a VPN (not a Juniper device). What would prevent me from being able to see the device or access J-Web unless I am physically connected to the same site where the device is located?

     

    Network layout

    Main office

    192.168.0.0/24 

    Branch office (with the EX2200)

    192.168.3.0/24

    Sites connected through VPN with a UTM device



  • 2.  RE: Can not access EX2200 through VPN

     
    Posted 03-18-2014 16:21
    No route to 192.168.0.0/24 from the EX2200.


  • 3.  RE: Can not access EX2200 through VPN

    Posted 03-25-2014 06:47

    Sorry for the late response; I thought I had set e-mail notifications.

     

    Ah, I see. Switches will not respond to an address outside of their scope definition.  How would this be defined, or is it best practice to simply remote connect to a computer on the same scope as the switch to manage the switch?



  • 4.  RE: Can not access EX2200 through VPN
    Best Answer

    Posted 03-25-2014 12:25
    That is the intent of the management network: a separate network from the transit traffic network. I suppose if this was a Juniper firewall in front of the switch that was providing VPN connectivity, you could provide a DNAT to the switch management address and a security policy that allows connection to that switch. It sounds like you could provide a route from the VPN device to the switch, so that when you connect, whatever network you connect to has a route to the switch network and the policy to allow that traffic.
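
The return-path problem raised in replies 2 and 4, modelled as an added example that is not part of the original thread: a longest-prefix-match lookup over the switch's routing table shows why a branch host gets replies while a main-office host does not, and what changes once a route for 192.168.0.0/24 exists. Only the two /24 prefixes come from the thread; the host addresses, the gateway address, and the assumption that the switch holds only its connected route are illustrative.

```python
import ipaddress

# Constructed sample data. Only the two /24 prefixes come from the thread;
# the host addresses and the UTM/VPN gateway address are assumptions.
BRANCH_NET = "192.168.3.0/24"
MAIN_NET = "192.168.0.0/24"
VPN_GATEWAY = "192.168.3.1"      # assumed LAN address of the branch UTM
BRANCH_PC = "192.168.3.50"       # assumed jump host at the branch
MAIN_ADMIN = "192.168.0.25"      # assumed admin workstation at main office


def lookup(routes, dst):
    """Longest-prefix match: return (network, next_hop) or None if unrouted."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), nh) for p, nh in routes
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen) if hits else None


def return_path(routes, client):
    """Describe how the switch would send a reply back to `client`."""
    hit = lookup(routes, client)
    if hit is None:
        return "no route"
    _net, next_hop = hit
    return "direct" if next_hop is None else f"via {next_hop}"


def management_reachability(routes, clients):
    """Map each management client to the switch's return path for it."""
    return {c: return_path(routes, c) for c in clients}


# Assumed starting state: the switch knows only its connected subnet.
before = [(BRANCH_NET, None)]
# Same table plus a static route for the main office via the VPN device.
after = before + [(MAIN_NET, VPN_GATEWAY)]

if __name__ == "__main__":
    for label, table in (("before", before), ("after", after)):
        print(label, management_reachability(table, [BRANCH_PC, MAIN_ADMIN]))
```

Routing the specific main-office prefix rather than a default keeps the switch's management address answering only to the networks that are meant to reach it.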