OK here what I am doing. I am attempting to switchf from one ISP to another on my SRX 210
I was given 2 blocks from the NEW ISP a /30 and a /28.
The /30 is essentially a Gateway block that all the traffic must traverse to get out to internet and that must be in place for the /28 block assinged to be reach able.
In the Mix I also have an SRX 100 that I use as just a head end for home office users Site To Site VPN Tunnels that currently has an External IP also from my old ISP.
The new ISP's Circuit was delivered in my IDF so I built a Vlan to carry that traffic back down to my MDF where my SRX's are.
THe immediate goal is to from the outside be able to ping the Gateway Address of the /30 block, the WAN address of the Srx 210 and the SRX 100. The the Two Srx external Interfaces are provisioned on their own seperate VLAN also and can Ping Each other. Below is how I have it configured at the moment.
fe-0/0/7 {
description ********;
vlan-tagging;
unit 0 {
vlan-id 407;
family inet {
address **.***.203.14/30;
}
}
unit 1 {
vlan-id 408;
family inet {
address **.**.240.129/28;
}
}
}
screen untrust-screen;
host-inbound-traffic {
system-services {
ping;
ike;
}
}
interfaces {
fe-0/0/2.0;
ge-0/0/0.0;
fe-0/0/7.0;
fe-0/0/7.1;
}
So Right Now from a complete external sourece I can ping the address on fe-0/0/7.0 but not the address fe-0/0/7.1
If I add the address from fe-0/0/7.1 to fe-0/0/7.0 I can ping it also but am unable to ping the SRX 100 then even after I make them all on the same VLAN.
Here is the Info from my ISP
External Interfaces
WAN Serial: XX.XXX.203.14
Subnet Mask: 255.255.255.252
Default Route for Router: XX.XXX.203.13
This will be the path that all of your internet traffic takes to get out to the internet.
Internal Interfaces
Assigned LAN Netblock: YY.YYY.240.128/28
Subnet Mask: 255.255.255.240
LAN Ethernet usable IPs: YY.YYY.240.130 - YY.YYY.240.142 You can use this on your LAN (PC, Workstation, Firewall, etc)
Default Gateway for LAN Netblock:YY.YYY.240.129
This will be the IP that all devices use as a default route or gateway for your LAN back to the router.
What am I doing wrong?