SRX

last person joined: 10 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Juniper SRX two Lan and two ISP routing

    Posted 07-18-2014 09:51

    Current setup we have two lans, Lan1 on Port0 and Lan2 on Port1 both lans are routed to ISP-1 Port15. We recently added a second ISP service and would like to have all Lan1 traffic go to ISP-1 Port15 and all Lan2 traffic go to ISP-2 Port14. Lan1 and Lan2 do not need to talk to each other. Not sure how to route this.

     

    While Lan2 and Lan1 do have different ip's and i could do a routing policy based on IP's i was hoping to do one based on ports. Found lots of help on load balancing and failover but not looking to do that. Cant find this type of setup when searching support articals, any ideas? 

     

    Thanks!

     



  • 2.  RE: Juniper SRX two Lan and two ISP routing

    Posted 07-18-2014 10:29

    Well if LAN 1 and LAN 2 don't need to talk and the two ISP networks are completely separate  you could just make two routing instances and place the associated interfaces into the their respective instances. They would then act independently of each other. 



  • 3.  RE: Juniper SRX two Lan and two ISP routing

    Posted 07-18-2014 19:04

    Hi  dpelletier,

     

    You can configure Filter based forwarding as per this KB article:

     

    http://kb.juniper.net/InfoCenter/index?page=content&id=KB17223
    http://kb.juniper.net/InfoCenter/index?page=content&id=KB22052

     

    also IP monitoring with RPM will hep automatic route failover :

     

    http://kb.juniper.net/InfoCenter/index?page=content&id=KB25052


    Regards
    rparthi
     

    Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too



  • 4.  RE: Juniper SRX two Lan and two ISP routing
    Best Answer

     
    Posted 07-21-2014 03:04

    Hi dpelletier,

     

    The easiset way to achieve this is create a routing-instance (virtual router type) and add the New ISP (ISP-2) and LAN2 to the new routing instance.


    On your default routing instnace create a default route poining to ISP1

    set routing-options static route 0/0 next-hop x.x.x.x (ISP1)

     

    On custom routing instnace create a default route as below.

     

    set routing-instances TEST instance-type virtual-router
    set routing-instances TEST interface ge-0/0/1.0
    set routing-instances TEST interface ge-0/0/14.0
    set routing-instances TEST routing-options static route 0.0.0.0/0 next-hop y.y.y.y (ISP2 IP)

     

    Please put necessary security policies.

     

    Thanks,

    Suraj

     

    Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too



  • 5.  RE: Juniper SRX two Lan and two ISP routing

    Posted 07-21-2014 13:40



  • 6.  RE: Juniper SRX two Lan and two ISP routing

     
    Posted 07-21-2014 18:43

    Hi,

     

    You need to apply flow traceoptions.

     

    Below KB explains the configuration and details.

     

    http://kb.juniper.net/InfoCenter/index?page=content&id=KB16110

     

     

    Thanks,

    Suraj

     

    Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too



  • 7.  RE: Juniper SRX two Lan and two ISP routing

    Posted 07-22-2014 13:10

    Thanks i had a bad firewall filter that was causing the issue. Resolved!