SRX Services Gateway
SRX Services Gateway

Chassis cluster with different IPs on both node

a week ago

Hello,

 

We have SRX300 cluster. We are configuring Azure Express route in our infrastructure. On Microsoft side, there are 2 vlans for Microsoft peering and one for private peering. They also have primary and secondary connection for each peering so our SRX ports are configured as trunk. For each peering I need to have same VLAN tagging but different IPs for primary and secondary connection. So one fiber optic cable is connected to one FW1 and one for second FW2. One cable carries 2 vlans for primary connection, second cable carries same vlans but for secondary connection.

I need to assign different IPs to each node since primary and secondary connections are in different subnet. Do you think it is possible on SRX cluster? Can I give different IPs to active and passive firewall ports on reth ports? Or do you have any other suggestion?

Thank you.

IsacPRimarySecondary.PNG

1 REPLY 1
SRX Services Gateway

Re: Chassis cluster with different IPs on both node

a week ago

You may use local interfaces instead of reth interfaces to connect Azure. Please refer page no. 16 of this KB for more details: 

https://kb.juniper.net/library/CUSTOMERSERVICE/GLOBAL_JTAC/technotes/SRX%20High%20Availability%20Dep...

 

 

Thanks,
Nellikka
JNCIE x3 (SEC #321; SP #2839; ENT #790)
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!