SRX

Need help as I am new to Juniper, I enter the following configuration below for a point to point link. However I could not ping to the next hop address 192.168.1.13/30 (Router A) and the next hop (Router A) could not ping to my firewall B (192.168.1.14/30) too, am I missing any configuration? Thanks in advanced.

[edit interfaces]
kent@B# show
ge-0/0/11 {
description "Connection to A Network access";
unit 0 {
family ethernet-switching {
vlan {
members A-NETWORK;
}
}
}
}

vlan {
unit 666 {
description "A Network";
family inet {
address 192.168.1.14/30;
}
}
}

[edit vlans]
kent@B# show
A-NETWORK {
vlan-id 666;
l3-interface vlan.666;
}

Hi kennethgoh,

Did you put these interfaces in security zones and allowed host inbout traffic ping?

set security zones security-zone <NAME> interfaces vlan.666 host-inbound-traffic system-services all

If this already there, please post the complete configuration from both devices.

Thanks,

Suraj

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too

Hi rsuraj,

It is not created, do I just define a new security zone eg A-network-zone?

set security zones security-zone A-network-zone interfaces vlan.666 host-inbound-traffic system-services all

Hi kennethgoh,

yes, "set security zones security-zone A-network-zone interfaces vlan.666 host-inbound-traffic system-services all" should work.

SRX will not send/receive traffic which is not part of any valid security zones.

Below KB will be very useful in initial setup of SRX devices.

http://kb.juniper.net/InfoCenter/index?page=content&id=KB15694

Thanks,

Suraj

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too