Routing
Highlighted
Routing

External Interface Question

‎12-09-2013 02:07 PM

Need some help on hopefully a simple issue.  SRX220H [10.4R1.9]

I have 3 ISPs on 3 separate Interfaces.  

 

I want to be able to

1) Test connectivity externally to all 3 external interfaces

2) Manage the Switch from all 3 external interfaces

 

Currently I am only able to do both from ISP1.  ISP1 is set as the default Route.  

 

I have source NAT set to use Egress Interface.  

 

I suspect i may need to add a filter with a forwarding router instance?  Please point me in the right direction.

 

2 REPLIES 2
Highlighted
Routing

Re: External Interface Question

‎12-09-2013 02:36 PM

Hi 

 

hope that I understood your questions , it is always better to send a topology 

 

1) Test connectivity externally to all 3 external interfaces

 you can test using ping from external device , so just you need to enable ping under the [security zones security-zones ZONENAME interfaces INTERFACENAME host-inbound-traffic system-services] stanza for all external interfaces

 

2) Manage the Switch from all 3 external interfaces

the SW is behind the SRX and has private ip , so you need to define a destination NAT policy for each ISP , and of course you need to define FBF for ISP2 and ISP3 to make your SW replying to the connections initiated toward ISP2 and ISP3 external interfaces.  for ISP1 you don't need as you have already ISP1 is set as the default Route in the master inet0.

 

Regards


if this worked for you, kindly help other visitors/members of our community by tagging this post as "Accepted Solution".
Kudos are good way of appreciation.
-------------
Red1
JNCIE-SEC #158, JNCIP-SP, JNCIS- ( FWV, SA, AC )

Highlighted
Routing

Re: External Interface Question

‎12-09-2013 02:37 PM

In addition , this post should be moved to SRX category Smiley Happy


if this worked for you, kindly help other visitors/members of our community by tagging this post as "Accepted Solution".
Kudos are good way of appreciation.
-------------
Red1
JNCIE-SEC #158, JNCIP-SP, JNCIS- ( FWV, SA, AC )