Hi All,
So I've connected my SRX 100B to the Internet using PPPoE.
This is how my setup looks: Internet > SRX > LAN.
From the SRX and the LAN I'm able to ping the Internet. However when I try to browse, it fails.
In fact, when I try from Chrome, as I type into the address bar I see suggestions pop up, however when I try to connect to a site, it doesn't work.
I saw similar questions in the forum but the solutions didn't work.
Please let me know if I'm missing something.
Here's the relevant config:
shyam@SRX# run show configuration
## Last commit: 2015-07-12 11:34:59 UTC by shyam
version 10.4R4.5;
system {
host-name SRX;
root-authentication {
encrypted-password "$1$nLZR1jQE$uu.VTm59yiZtsw9XPaGIs/"; ## SECRET-DATA
}
name-server {
208.67.222.222;
208.67.220.220;
4.2.2.2;
}
interfaces {
fe-0/0/0 {
unit 0 {
encapsulation ppp-over-ether;
}
}
fe-0/0/1 {
unit 0 {
family inet {
address 172.16.1.1/24;
}
}
}
pp0 {
description "Connection to Internet";
unit 0 {
ppp-options {
pap {
default-password "$9AuO/9lF9ABIEcreEh"; ## SECRET-DATA
local-name "abc@xyz.com";
local-password "$9$PfFAtp1RrevWX7vM"; ## SECRET-DATA
passive;
}
}
pppoe-options {
underlying-interface fe-0/0/0.0;
idle-timeout 0;
auto-reconnect 5;
client;
}
family inet {
mtu 1492;
negotiate-address;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop pp0.0;
}
}
security {
nat {
source {
rule-set NAT-ALL {
from zone trust;
to zone untrust;
rule 1 {
match {
source-address 0.0.0.0/0;
}
then {
source-nat {
interface;
}
}
}
}
}
}
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
fe-0/0/1.0;
}
}
security-zone untrust {
screen untrust-screen;
host-inbound-traffic {
system-services {
ping;
all;
}
protocols {
all;
}
}
interfaces {
fe-0/0/0.0 {
host-inbound-traffic {
system-services {
dhcp;
tftp;
all;
}
}
}
pp0.0;
}
}
}
policies {
from-zone trust to-zone untrust {
policy ALLOW-WEB {
match {
source-address any;
destination-address any;
application [ junos-http junos-https ];
}
then {
permit {
firewall-authentication {
web-authentication {
client-match shyam;
}
}
}
}
}
policy ALLOW-INTERNET {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
}
flow {
tcp-session {
no-syn-check;
}
}
}
vlans {
vlan-trust {
vlan-id 3;
}
}
[edit]
shyam@SRX#
There's a modem between the Internet and the SRX, which is placed in bridged mode. However I don't think this could be causing any issue since ping works well.
Please suggest, thank you in advance.