Routing

  • 1.  Force traffic from Self to avoid routing table. SSG

    Posted 03-26-2016 10:33

    Hi everyone,

     

    Here is my situation, tersely:

     

    set route 0.0.0.0/0 interface ethernet0/0

     

    set VPN1  outgoing-interface "ethernet0/0"    /same peer for both 

    set VPN2  outgoing-interface "ethernet0/3"    /same peer for both 

     

    VPN1 is up

    VPN2 is down

     

    VPN2 tries to establish the tunnel using the source address of eth0/3, but since it uses the routing table it tries to establish it via eth0/0 (debug flow confirmed it). Negotiation fails.

     

    How do I force VPN2 to use eth0/3 as the outgoing interface? I put PBR and source routing but it still takes the default route.

     

     

    Thank you for your help!

     

     



  • 2.  RE: Force traffic from Self to avoid routing table. SSG
    Best Answer

    Posted 03-27-2016 06:53

    You will need to move the interface eth0/3 into a separate virtual router with its own default route.

     

    By default all the interfaces are in the same virtual router and share the same routing table. If you move this interface to a new VR then it can connect using its own default route.

     

    Create a new zone and assign this to a different VR than your existing untrust zone

    On the eth0/3 move this to the new zone

    Create any necessary policies for the new zone traffic
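
The steps in the answer above, written out as a ScreenOS CLI sketch. This is an added example, not part of either post: the names `isp2-vr` and `Untrust2` are hypothetical, and the addresses are constructed from a documentation range. Lines starting with `#` are annotations for the reader, not commands to enter.

```screenos
# Assumed names: isp2-vr (virtual router), Untrust2 (zone).
# Assumed, constructed addressing: ethernet0/3 = 198.51.100.2/30,
# next hop on that link = 198.51.100.1. Substitute your own values.

# 1. Create a virtual router with its own routing table
set vrouter name "isp2-vr"

# 2. Create a zone and bind it to the new virtual router
set zone name "Untrust2"
set zone "Untrust2" vrouter "isp2-vr"

# 3. Move ethernet0/3 into the new zone. The interface IP has to be
#    cleared before the zone can change. If the change is refused
#    because the interface is still referenced (for example by the
#    VPN2 gateway or a route), remove those references first and
#    re-add them afterwards.
unset interface ethernet0/3 ip
set interface ethernet0/3 zone "Untrust2"
set interface ethernet0/3 ip 198.51.100.2/30

# 4. Default route that exists only in isp2-vr, so lookups for
#    traffic sourced from ethernet0/3 no longer hit the
#    0.0.0.0/0 route via ethernet0/0 in the original VR
set vrouter "isp2-vr" route 0.0.0.0/0 interface ethernet0/3 gateway 198.51.100.1

# 5. Policies to and from Untrust2 depend on whether the VPN is
#    policy-based or route-based and on your address objects, so
#    they are not shown. Scope them to the tunnel traffic you need.

# 6. Verify the new routing table and the tunnel state, then save
get vrouter "isp2-vr" route
get sa
save
```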