Routing

Hi

I hope this is the right forum for this question.

I have just deployed a second J4350 connecting to an Intranet using BGP. This is our second router to connect to this Intranet. The first J4350 is running ver8 Junos and the new router is running ver 10 code. We have deployed EX3200 and SRX 210 connecting back to each J4350.

When connecting to both users had difficulties connecting to Internet web sites via the Intranet. I decreased the local-preference to the newer J4350 and it all seemed to work until one customer could connect to one website hosted on the Intranet but not another even though both are on the same subnet. I believe the issue is asymmetric routing i.e. the outbound path is via the older J4350 but the return path is via the newer one and that the inherent firewall in Junos 10 is killing the connection.

Has anyone seen this with J4350?

Is it possible top run the 4350 as a plain old router?

Any comments welcomed

thanking you in advance

Aindriu

Hi,

> Is it possible top run the 4350 as a plain old router?

Configuration for Junos with Enhanced Services to behave as Junos in Router Context

http://kb.juniper.net/index?page=content&id=KB11963

Understanding and Changing Secure and Router Contexts

http://www.juniper.net/techpubs/software/junos-security/junos-security10.0/junos-security-admin-guide/secure-routing-context-chapter.html#secure-routing-context-chapter

Should help if it's the only problem there,

jtb

 Hi jtb

Thank you very much for the prompt response and for those references. Is there a particular reason why the routermode config is added in override. Can the changes not be added to the existing config? Or is it just best practice?

Regards

Aindriu

Hi jtb

That worked fine. No problems implementing just the firewall/security portions of the routermode config. And the issue with accessing websites was resolved.

Thanks for your help

Aindriu