SRX Services Gateway
SRX Services Gateway

Can SRX get its WAN IP address from dhcp on a irb. fam inet address dhcp ?

[ Edited ]
a week ago

Short question.
Can an SRX get its WAN IP address from dhcp on a irb.100 fam inet address dhcp ?
Working just fine on ge-0/0/0 . What am I missing ? Right now im back to ge-0/0/0 for the SRX uplink.

 

#show int ge-0/0/0 | display set
set interfaces ge-0/0/0 unit 0 family inet dhcp

# show interfaces irb.100 | display set
set interfaces irb unit 100 description "used to setup srx internet wan edge"
set interfaces irb unit 100 family inet dhcp force-discover

# show interfaces ge-0/0/1 | display set
set interfaces ge-0/0/1 native-vlan-id 100
set interfaces ge-0/0/1 unit 0 family ethernet-switching interface-mode trunk
set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members [100 270 370 2000 3000]

# show security zones security-zone trust | display set
set security zones security-zone trust screen trust-screen
set security zones security-zone trust host-inbound-traffic system-services all
set security zones security-zone trust host-inbound-traffic protocols all
set security zones security-zone trust interfaces irb.2000
set security zones security-zone trust interfaces irb.3000
set security zones security-zone trust interfaces irb.270
set security zones security-zone trust interfaces irb.370
set security zones security-zone trust application-tracking

# show security zones security-zone untrust | display set
set security zones security-zone untrust screen untrust-screen
set security zones security-zone untrust host-inbound-traffic system-services ike

set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services dhcp
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services https
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ike

set security zones security-zone untrust interfaces irb.100 host-inbound-traffic system-services dhcp
set security zones security-zone untrust interfaces irb.100 host-inbound-traffic system-services https
set security zones security-zone untrust interfaces irb.100 host-inbound-traffic system-services ike

 

Long story
Getting my home lab setup and i'm trying to use my srx 320 that I use for a remote access vpn to HQ.
Right now im wanting to start bulding my JNCIP ENT and SP lab up while getting a litte more SRX experiance.
Current setup
ISP--|home ap/router|--SRX320 < Phone/PC/Accesspoint

Wanted setup
 
                                              /-[home ap/router]
ISP -[2300c]--Vlan100 |                                                                         /  Phone
                                          \ -Trunk 100,270,370,2000,3000\--[SRX320]----- Access  point but using MIST EDGE
                                                                                                                   \  PC
My issue.. I want to trunk 100,270,370,2000,30000 to anf from the SRX. The SRX  is root for a  few vlans  in my lab. I tried this a few times  while marking native vlan-id 100 and the SRX would not get a dyn ip from my home router.

Going to lab up is-is/ospf/bgp/igmp/ import/export filters to get read for IP level examms.
I only mention this if anyone can offer any other advice  and understand this is ment to be a little busy of a setup.


100 being untagged from cablemodem to home ap and SRX
270,370 used to make adj for multi area multi AS routing protocols
2000,3000 Company PC and Phone network so I can have resources in other parts of my house.

3 REPLIES 3
SRX Services Gateway

Re: Can SRX get its WAN IP address from dhcp on a irb. fam inet address dhcp ?

a week ago
Does this work?

del interfaces irb unit 100 family inet
set interfaces irb unit 100 family inet dhcp-client
SRX Services Gateway
Solution
Accepted by topic author tgreaser
a week ago

Re: Can SRX get its WAN IP address from dhcp on a irb. fam inet address dhcp ?

a week ago

Thanks for the reply. It started getting its IP from the irb.100 with out any modifications..

Im not 100% sure but it looks like the logs showed it took a while for the SRX to re init to get an address. 

 

Now my vpn is not coming up..  I will create a new thread on that since SRX is getting its ip address via irb.100 .

 

SRX Services Gateway

Re: Can SRX get its WAN IP address from dhcp on a irb. fam inet address dhcp ?

a week ago

Digging through my logs  and time stamps.. I think irb.100 started working when i did a commit full force

 

Also my vpn tunnel is working .. found a post on jnet srx that reminded me to update under my ike gateway

set security ike gateway vpn-local-gw external-interface irb.100

 

Thanks again for taking the time to read and help me out..  Now ON to my labs!!!