Hi,
I have attempted to perform FBF on an MX. I have performed this before on an SRX with no problems but on the MX it is not working. Is this supported on MX? I have seen no documentation to suggest it is not. I have deleted all but essential configuration in an attempt to simplify thisngs.
The result of the below config is that host can not ping the gateway or anything else.
interfaces {
ge-0/0/2 {
hierarchical-scheduler;
vlan-tagging;
mtu 1522;
unit 4000 {
vlan-id 4000;
family inet {
filter {
input nat-filter;
}
address 185.49.36.129/26;
}
}
}
ge-0/1/2 {
unit 0 {
family inet {
address 10.130.0.169/30;
}
}
}
lo0 {
unit 0 {
description "default RI lo0";
family inet {
address 10.130.0.199/32;
}
}
}
}
routing-options {
interface-routes {
rib-group inet nat-rib;
}
static {
route 10.18.9.0/24 next-hop 10.18.131.1;
route 10.110.1.0/24 next-hop 10.18.131.1;
}
rib-groups {
nat-rib {
import-rib [ inet.0 nat-forwading.inet.0 ];
}
}
}
firewall {
family inet {
filter nat-filter {
term 1 {
from {
source-address {
185.49.36.130/32;
}
}
then {
routing-instance nat-forwarding;
}
}
term 2 {
then accept;
}
}
}
}
routing-instances {
nat-forwarding {
instance-type forwarding;
routing-options {
static {
route 0.0.0.0/0 next-hop 10.130.0.170;
}
}
}
}
Any suggestion are appreciated.