Message Image

Skip main navigation (Press Enter).

SRX

last person joined: 21 hours ago

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Back to discussions

Expand all | Collapse all

Different WANs for different subnets

Jump to Best Answer

Erdem09-08-2013 06:23

I have an SRX240 with 2 WAN presentation and different subnets on the LAN side need to use different ...

Erdem09-08-2013 20:07Best Answer

Hi Andrew, I suspect what you are after is Filter Based Forwarding: http://kb.juniper.net/InfoCenter/index?page=content&id=KB17223 ...

Erdem09-09-2013 06:35

that looks spot on, thank you

1. Different WANs for different subnets

0 Recommend
Erdem
Posted 09-08-2013 06:23

Reply Reply Privately
I have an SRX240 with 2 WAN presentation and different subnets on the LAN side need to use different WAN presentation for internet access.

The primary WAN presentation has approximatly 25 VPNs terminating on it, these need to be routable from all LAN VLANs, but only VLAN 10 should use this for internet access. All other vlans should use the secondary WAN presentations for internet access (but still have access to the sites on VPN).

Is the best way to achieve this to have two routing instances with different default routes? If so, how would I allow both instances to access the VPNs?

If this isn't clear I'll put together a diagram.

Thanks
2. RE: Different WANs for different subnets
Best Answer

0 Recommend
Erdem
Posted 09-08-2013 20:07

Reply Reply Privately
Hi Andrew,

I suspect what you are after is Filter Based Forwarding:

http://kb.juniper.net/InfoCenter/index?page=content&id=KB17223

You should be able to get away with your policy routing VLAN 10 out the primary for internet access, with regular routing logic taken for the rest.
3. RE: Different WANs for different subnets

0 Recommend
Erdem
Posted 09-09-2013 06:35

Reply Reply Privately
that looks spot on, thank you

Powered by Higher Logic