SRX Services Gateway
SRX Services Gateway

Is it possible to implement this topology? image

‎11-04-2019 02:08 AM

Good morning, I would like to know if my Juniper SRX550 could support this topology, thanks in advance.

Duda.PNG

1 REPLY 1
SRX Services Gateway

Re: Is it possible to implement this topology? image

‎11-05-2019 05:40 AM

Hello!

This is my configuration:

 

set sytem services web-management https port 443 system-generated-certificate interface vlan.0
set system max-configuration-rollbacks 5
set system max-configurations-on-flash 5
set security policies from-zone VRPrincipalZone to-zone VRBOXExampleZone policy default-permit match source-address any
set security policies from-zone VRPrincipalZone to-zone VRBOXExampleZone policy default-permit match destination-address any
set security policies from-zone VRPrincipalZone to-zone VRBOXExampleZone policy default-permit match application any
set security policies from-zone VRPrincipalZone to-zone VRBOXExampleZone policy default-permit then permit
set security policies from-zone VRBOXExampleZone to-zone VRPrincipalZone policy default-permit match source-address any
set security policies from-zone VRBOXExampleZone to-zone VRPrincipalZone policy default-permit match destination-address any
set security policies from-zone VRBOXExampleZone to-zone VRPrincipalZone policy default-permit match application any
set security policies from-zone VRBOXExampleZone to-zone VRPrincipalZone policy default-permit then permit
set security zones security-zone VRPrincipalZone interfaces ge-0/0/5.0
set security zones security-zone VRBOXExampleZone interfaces ge-0/0/4.0
set security zones security-zone ZonaDeConfianza interfaces vlan.0 host-inbound-traffic system-services https
set interfaces ge-0/0/1 unit 0 family inet address 192.168.7.1/24
set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/4 unit 0 family inet address 192.168.3.1/24
set interfaces ge-0/0/5 unit 0 family inet address 192.168.2.1/24
set interfaces vlan unit 0 family inet address 192.168.1.1/24
set interfaces vlan unit 2888 family inet address 192.168.4.1/24
set routing-instances VRBOXExample instance-type virtual-router
set routing-instances VRBOXExample interface vlan.2888
set routing-instances VRPrincipal instance-type virtual-router
set routing-instances VRPrincipal interface ge-0/0/5.0
set routing-instances VSNuestro instance-type virtual-switch
set routing-instances VSNuestro interface ge-0/0/3.0
set vlans vlan-trust vlan-id 3
set vlans vlan-trust l3-interface vlan.0

 

 

Sorry for my ignorance, I have little in networks, if you have a book or a source I would appreciate it, thanks again.