Switching

last person joined: yesterday 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.

  • 1.  L3 vlan filter config , please helps!

    Posted 06-02-2015 01:53

     Helo everyone, I'm new to Junos ,Now i want to setup the network , follow the picture,

     network.JPG

     

    Two switch have one vlan vlan10 to connect the PCs.

    Have a firewall filter to restric traffic from PC(10.10.10.101) to PC(10.10.10.102)

     

    How to setup this network?---------------------( better to have a complete config)

    Thanks very much!!!!!!!!!!!!

     

     

     



  • 2.  RE: L3 vlan filter config , please helps!
    Best Answer

     
    Posted 06-02-2015 02:47

    This configuration can be applied on EX2200. Can you try it?

     

    {master:0}[edit]
    lab@ex2200# show firewall
    family ethernet-switching {
        filter F {
            term 1 {
                from {
                    source-address {
                        10.10.10.101/32;
                    }
                    destination-address {
                        10.10.10.102/32;
                    }
                }
                then discard;
            }
            term 2 {
                then accept;
            }
        }
    }

    {master:0}[edit]
    lab@ex2200# show interfaces ge-0/0/0
    unit 0 {
        family ethernet-switching {
            port-mode access;
            filter {
                input F;
            }
        }
    }

    {master:0}[edit]
    lab@ex2200#

     

     

    You will need to configure something similar on EX4200 as well. Just revert the source-address with destination-address.

     



    =====

    If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.