SRX

last person joined: 4 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Separate networks - one for internal one for wireless

    Posted 03-05-2012 07:17

    I have a client that is using an SRX-100H.  They would like to offer free Wi-Fi to their customers who are sitting in the waiting room.

     

    The Internet connection comes in through fe-0/0/0, and fe-0/0/1 goes to the LAN (192.168.2.0/24).  Would it be possible to set up fe-0/0/2 with a totally different IP address range (192.168.5.0/24) so we can attach a wireless access point to it and not have any traffice from fe-0/0/2 route to fe-0/0/1 at all?  Also, fe-0/0/2 would need DHCP and would need to allow DNS, obviously.  Can anyone post a sample config?

     

    Thank you all in advanced.

     

    JamesNT



  • 2.  RE: Separate networks - one for internal one for wireless
    Best Answer

    Posted 03-05-2012 07:29

    If you follow this tech doc you cant go wrong.

     

     

    http://kb.juniper.net/InfoCenter/index?page=content&id=KB15754&smlogin=true

     

    Basically configure with your 192.168.5.0 subnet on fe-0/0/2 as you would configure a standard subnet, create your security zone e.g guest-wifi, create your policies to permit http/https or your desired protocols outbound.

     

    Dont forget to enable DHCP as an inbound service on the fe-0/0/2 interface.

     

    Finally connect your Wireless Access Point,  this is easy no matter what vendor you use, just put it in "Bridge Mode"

     



  • 3.  RE: Separate networks - one for internal one for wireless

    Posted 03-05-2012 07:36

    Thank you very much!

     

    JamesNT