SRX

last person joined: 3 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  How to connect internet on SRX running VPN

    Posted 12-07-2013 22:30
    Hi All, My topology is PC-------SRX------WAN(internet)---------SRX-------PC Now my system running VPN very well, but the problem is that my PC can't use internet. How i config to my my PC use both VPN and Internet. Thanks,


  • 2.  RE: How to connect internet on SRX running VPN

    Posted 12-08-2013 00:56

    Have you configured WAN interface on SRX using PPOE or something else or WAN device is a separate device , in 2nd case configure a default static on SRX pointing to your WAN and also configure source NAT on SRX for the interface connected with WAN and on your PC default gateway will be IP address of SRX interface connected with PC , In 1st case if you have configured PPOE on your SRX then on your PC you need to configure DNS etc on your PC you may do it manually or run DHCP on SRX and include DNS etc settings in DHCP configuration

     

     

     

     

     

    Pleas mark this as accepted solution if it solves your problem

    Kudos a good way of appreciation

     

    Kashif Nawaz

    JNCIP-Sec , JNCIS-Ent, JNCIS-Sec, JNCIA-Junos



  • 3.  RE: How to connect internet on SRX running VPN

    Posted 12-08-2013 06:20
      |   view attached

    Hi 

    I attach my config file here.

    WAN device is separate device

    In my case if i connect my PC direct with ip 10.10.9.44 (IP on interface fe-0/0/7 on SRX) I can connect to internet. But i use this to VPN, how i use both vpn and internet when i connect my PC to SRX

     

    Thanks,

    Attachment(s)

    txt
    config.txt   6 KB 1 version


  • 4.  RE: How to connect internet on SRX running VPN
    Best Answer

    Posted 12-08-2013 07:38

    Problem with your configuration files:-

    No valid reason is there for configuration of this route (10.10.9.40/29 next-hop 192.168.2.1) , 192.168.2.1 (configured on fe-0/0/3) is your gateway for PC or etc and 10.10.9.40/29 is subnet you have configured on fe-0/0/7, so you are sending 10.10.9.40/29 to interface fe-0/0/3 towards PC which is wrong, remove this route. 

    Now i can not see a default route for internet traffic , configure a default route with next hop 10.10.9.41, it will direct all traffic  (which don't have any specific route) out from WAN interface. Now VPN configuration is OK but where is route for traffic needs to be directed through tunnel interface (st0.0) . Configure a static route for VPN route with next hop st0.0.Default security policy is permit-all when every thing starts working then set this to deny because default security policy with permit-all value is overriding all security policies you configured

    On your PC configure a default gateway 192.168.2.1 , DNS address obtained from your ISP or any public DNS server .

     

     

    Pleas mark this as accepted solution if it solves your problem

    Kudos a good way of appreciation

     

    Kashif Nawaz

    JNCIP-Sec , JNCIS-Ent, JNCIS-Sec, JNCIA-Junos

     



  • 5.  RE: How to connect internet on SRX running VPN

    Posted 12-08-2013 20:00

    Hi,

     

    Thank for your guide. I just delete static route 10.10.9.40/29 next-hop 192.168.2.1 in my config and add a default route

    0.0.0.0/0 next-hop 10.10.9.41. Now i can access the internet. No need Configure a static route for VPN route with next hop st0.0.

     

    Thanks,



  • 6.  RE: How to connect internet on SRX running VPN

     
    Posted 12-08-2013 05:12

    Hi 

     

    Your VPN is established over Internet , so your SRX should be connected to Internet , please make sure that the default route is well configured on your SRX (show route) .. try to ping 4.2.2.2 or 8.8.8.8  from both PC and SRX to make sure that your internet conectivity is OK , if you are able to ping from your PC so , your issue with your DNS ,try to fix public DNS 4.2.2.2 on your PC and check.

     

    Regards

    Red1