Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
Hi there,
I want to use the loopback interface to manage my SRX650. I've configured an IP address on the lo0.0 but I cannot ping this interface from outside the srx650 eventhough it appears to be advised through ospf.
Do I need to assign lo0.0 to a security zone?
Thanks,
Paul
Hi
Yes, as any interface, lo0.0 must be assigned to the security zone, and you need to allow traffic to it from other interfaces via policy.
Hi PK,
thanks for that, I've created a new zone called "loopback" and allowed the ping and SSH service through.
On the OSPF side, to advertise the loopback interface is there a generic command?
Do you mean to advertise it in OSPF? Then you just include it in some OSPF area,
set protocols ospf area x.x.x.x interface lo0.0
PK,
that's exactly it, all working nicely now.
Many thanks,