SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  sub interfaces - same zone or different zones

    Posted 04-03-2011 07:18

    Hello,

     

    When you are configuring sub interfaces on a physical interface, can you put different sub interfaces in different zones? or does all sub interfaces have to be in the same zone?

     

    Thanks



  • 2.  RE: sub interfaces - same zone or different zones
    Best Answer

    Posted 04-03-2011 08:09

    There is no such restriction ... You never make complete physical interface memeber of a security zone.. instead you do it on sub-interface level with liberty to put them under any zone ..

     

    e.g.

     

    if you have

     

    set interface ge-0/0/0.1   family inet address 192.168.1.1/24

    set interface ge-0/0/0.2   family inet address 192.168.2.1/24

     

    then you can place them under different zones

     

    set security zone security-zone trust interfae ge-0/0/0.1

    set security zone security-zone untrust interfae ge-0/0/0.2

     

    Mark it  "Accepted" if rocks

    regards

     



  • 3.  RE: sub interfaces - same zone or different zones

    Posted 04-05-2011 17:04

    Hello,

     

    Apologize for the late reply. Thanks for the response.