SRX

last person joined: 4 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Configure Virtual Router on SRX

    Posted 12-27-2016 19:52

    Hi everyone,

    I am new to Vitual Router in Junos. I have EX2200 and SRX220. Now its running in default router config - routing options & VPN IPsec... I having plan to create a VR for Operator to config some ports on default router also use VPN and then routing to default SRX router. Anyone have same issue, and how to configure it so i can understand it well.

    Many thanks!



  • 2.  RE: Configure Virtual Router on SRX

     
    Posted 12-27-2016 20:25

    Hello Ling NG,

     

    You can refer to the KB article below:

     

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB16453&smlogin=true&actp=search

     

    Regards,

     

    Rushi



  • 3.  RE: Configure Virtual Router on SRX

    Posted 12-27-2016 20:33

    Thanks Rushi,

     

    I have confuse about user permissions. I want to create an operator user with access privileges that user only can config on VR like super-user but cant config on default router.  is it possible?



  • 4.  RE: Configure Virtual Router on SRX
    Best Answer

    Posted 12-28-2016 07:25

    I think the real feature you want is a icense to Logical systems (only on SRX) that create a logical SRX inside the chassis that can easily be sub-managed by a user account.

     

    https://www.juniper.net/documentation/en_US/junos12.1x46/topics/concept/logical-systems-overview.html

    http://www.juniper.net/techpubs/en_US/junos14.2/topics/task/configuration/logical-system-administrators-configuring.html

     

    With your current setup, the situation is slightly more complicated.  You would need to create a customer user class and then restrict that class to the routing-instance hierarchy as desired.

     

    http://www.juniper.net/techpubs/en_US/junos14.2/topics/task/configuration/access-login-class.html

     

     



  • 5.  RE: Configure Virtual Router on SRX

    Posted 12-28-2016 10:13

    An extra note regarding logical systems on SRX. This is only supported by highend SRX platforms (SRX1400/3400/3600/5000 series) -not branch (srx100/200/300/550/650) series and SRX4100/4200.

     

    From what I see, logical systems on SRX will not be a good longterm solution as virtualisation of the SRX is solved with vSRX instead of logical systems in large physical devices.



  • 6.  RE: Configure Virtual Router on SRX

     
    Posted 12-28-2016 11:20

    Hi Folks,
    To add.. there are differences between instance type virtual-router and Logical System deployments.

     

    With Logical System configuration the box will spin individual rpd daemon for every LS uniquely. Which is not the case with addition of routing-instance with type virtual-router in the box.

     

    Few interesting content on logical-systems

    https://www.juniper.net/documentation/en_US/junos12.1x46/topics/concept/logical-systems-overview.html
    https://www.juniper.net/documentation/en_US/junos12.1x44/information-products/pathway-pages/security/security-logical-system-index.html

     

    -A.Rengaramalingam