03-31-2010 11:30 AM
I am running a SSL VPN box 6000 with System Ver. 6.4R4.1 build 14919. I have several VLANs and having issues with the VLAN being tagged. I took a TCP dump of one of the VLAN ports and used the RAW data in Wire Shark and looked at the data and I saw NO tagging of VLAN 512 (the vitural port VLAN #). Is there any issues with VLAN tagging with this OS build or verison?
03-31-2010 01:18 PM
Just got off the phone with Juniper TAc and he confirmed that after viewing the TCP Dump that VLAN tagging was NOT taking place. JTAC is looking into the situation further.
UPdated 4:17PM EST 03/31/2010
03-31-2010 04:28 PM
If you capture the tcpdump on the SSL VPN device you may not see the tagging related info (its due to the tcpdump drivers logging packets before the tagging happens). If you can capture a tcpdump on the destination device and still dont see tagging then it may be an issue. However dont go by the tcpdump captured on SSL VPN device for VLAN tagging related info.
04-01-2010 01:07 AM - edited 04-01-2010 01:10 AM
Please note that IVE OS uses the untagged internal interface for box initiated traffic like SCP,Syslog, SNMP trap etc. We tried to have the OS changed on this item but received a clear no. Reply was that this behaviour was too deep in sourcecode to have changed.