SRX

last person joined: 4 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  FBF with 2 ISPs and access using both of them

    Posted 09-12-2013 00:28
      |   view attached

    Hello guys!

    I have Juniper SRX 100 and I need to configure 2 ISPs routing and access. For example, I have fe-0/0/0.0 with IP address 1.1.1.1 (ISP1) and fe-0/0/3.0 with IP address 2.2.2.2 (ISP2). Also there is LAN interface with IP 192.168.0.1. So I want the following:

    - All LAN clients use ISP1 as default gateway (ISP2 when ISP1 link is down)

    - When someone outside ping (ssh or anything else) 1.1.1.1 SRX should response using fe-0/0/0.0 interface

    - When someone outside ping (ssh or anything else) 2.2.2.2 SRX should response using fe-0/0/3.0 interface

    I try to implement last 2 items. There is only one default gateway through fe-0/0/0.0. So when I ping 1.1.1.1 from outside it is ok. But when I ping or ssh 2.2.2.2 there is nothing.

    The solution is to use FBF. But I do something wrong and nothing changes.

     

    There is part of the configuration in attachments.

    Attachment(s)

    txt
    conf.txt   1 KB 1 version


  • 2.  RE: FBF with 2 ISPs and access using both of them

    Posted 09-12-2013 07:45

    Oh... It turns out that FBF is not sufficient for solving the problem. I should use virtual router or VRF, but the difference between them isn't  clear to me. If there will be IPsec tunnel on fe-0/0/0.0 and another one on fe-0/0/3.0 and I want communication between them what should I use?



  • 3.  RE: FBF with 2 ISPs and access using both of them
    Best Answer

    Posted 09-19-2013 07:48

    Ok. I've solved my problem. The decision is based on KB15545 except some details.