Junos
Junos

Multiple vlan interface on single reth on 240B

‎08-05-2018 11:22 AM

Hi Experts,

 

Need urgent help, i tried configuring multiple vlan tags on a single reth, it didn't worked. Configuration got committed but i wasn't getting input packets, though output packets were visible. Ping etc not working so had to revert back changes.
The requirement is to consolidate multiple firewall-switch connections on a single physical interface which is mapped on reth0, firewall cluster is in active-standby. Switch side (a Cisco) is a trunk port with tagged vlans. I tried using following configuration to map 2 vlan-interfaces on reth0, but no luck.

 

set interfaces ge-0/0/3 gigether-options redundant-parent reth0
set interfaces ge-5/0/3 gigether-options redundant-parent reth0
set interfaces reth0 vlan-tagging
set interfaces reth0 redundant-ether-options redundancy-group 1
set interfaces reth0 unit 3087 vlan-id 3087

set interfaces reth0 unit 3086 vlan-id 3086

set interfaces reth0 unit 3087 family inet address 165.136.X.X/29

set interfaces reth0 unit 3086 family inet address 172.197.X.X/29
set vlans ABC vlan-id 3087

set vlans XYZ vlan-id 3086
set security zones security-zone ABC interfaces reth0.3087

set security zones security-zone ABC interfaces reth0.3086

 

Thanks...!!!!

2 REPLIES 2
Junos

Re: Multiple vlan interface on single reth on 240B

‎08-05-2018 01:08 PM

Your interface configuration is correct (though I suppose you mean for your example to say set security zones security-zone XYZ interfaces reth0.3086 and not ABC)

 

No inbound traffic could be a number of things:

1. Missing security policies on the srx

2. Misconfigured trunk vs access or missing vlans on Cisco side

 

A topology diagram as well as output would be helpful

show chassis cluster status

show int reth0 extensive

show configuration security

 

 

Highlighted
Junos

Re: Multiple vlan interface on single reth on 240B

‎08-05-2018 07:47 PM

Thanks for quick response. Yes its just copy paste iteration will recheck and confirm.