SRX Services Gateway
Highlighted
SRX Services Gateway

No Internet on SRX.  Cannot ping from VR's

2 weeks ago

Hi There,

I have a problem where I cannot ping any external IP's or DNS names from my operational prompt.  When I do a ping 8.8.8.8 routing-instance <instance-name> it also does not work.  I have configured name-servers on my SRX.  I have multiple routing instances and I have added routing options also.  I am also importing my internet breakout VR into my other VR's.  I have also setup my junos-host security zone and a security policy for that.  When I ping, there is no return packets and when I do a traceroute, it does not even hit the gateway.  I have also created a source NAT.

 

Any help will be highly appreciated!

7 REPLIES
SRX Services Gateway

Re: No Internet on SRX.  Cannot ping from VR's

2 weeks ago

Due to the above, I cannot update my AV or download the IDP database and templates.  Can I force these updates downloads over a different VR?

SRX Services Gateway

Re: No Internet on SRX.  Cannot ping from VR's

2 weeks ago

This KB may help you: https://kb.juniper.net/InfoCenter/index?page=content&id=KB32386&pmv=print&actp=RSS&searchid=&type=cu...

 

Thanks,
Nellikka
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
SRX Services Gateway

Re: No Internet on SRX.  Cannot ping from VR's

2 weeks ago

Thank you for your prompt reply.  I have applied that KB also (but I did a rollback as it was not successful).  I have also after that did some more configurations, so I will just re-apply that now and revert back to you.

SRX Services Gateway

Re: No Internet on SRX.  Cannot ping from VR's

2 weeks ago

I have applied the KB again, but the issue remains.

Just some more information, my management range (for my VM's I am running) is on the same range as my fxp0 range.  In other words, I manage my SRX from the same IP range as I manage my management VM's.  I do not have a me (it is the fxp0) interface and I have 2 SRX devices in a cluster.

 

I am at a loss.

SRX Services Gateway

Re: No Internet on SRX.  Cannot ping from VR's

2 weeks ago

Forgot to mention, that I can now ping from Manegement VR, but not from the operational prompt on the SRX.

SRX Services Gateway

Re: No Internet on SRX.  Cannot ping from VR's

2 weeks ago

Please share your configuration and the output of "show route <ip address which you are trying ping> "

 

Thanks,
Nellikka
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
SRX Services Gateway

Re: No Internet on SRX.  Cannot ping from VR's

2 weeks ago

Here is the route as requested (Configuration attached):

"

triple4.gys@jhbsrx345-1# run show route 8.8.8.8

inet.0: 53 destinations, 58 routes (53 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 1d 01:26:10
> to <public IP> via ge-0/0/3.0
[Static/5] 1d 01:26:10
> to <public IP> via ge-0/0/3.0

vr-is-untrust.inet.0: 47 destinations, 76 routes (47 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 13w0d 06:41:39
> to <public IP> via ge-0/0/3.0

vr-md.inet.0: 48 destinations, 49 routes (48 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 13w0d 06:41:39
> to <public IP> via ge-0/0/3.0

vr-md-dmz.inet.0: 48 destinations, 49 routes (48 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 13w0d 06:41:39
> to <public IP> via ge-0/0/3.0

vr-ekosource.inet.0: 48 destinations, 49 routes (48 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 13w0d 06:41:39
> to <public IP> via ge-0/0/3.0

vr-t4mngt.inet.0: 48 destinations, 49 routes (48 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 13w0d 06:41:39
> to <public IP> via ge-0/0/3.0

vr-t4int.inet.0: 48 destinations, 49 routes (48 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 13w0d 06:41:39
> to <public IP> via ge-0/0/3.0

vr-eko-sfb-dmz.inet.0: 48 destinations, 49 routes (48 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 13w0d 06:41:39
> to <public IP> via ge-0/0/3.0

vr-eko-sfb-int.inet.0: 49 destinations, 51 routes (49 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 13w0d 06:41:39
> to <public IP> via ge-0/0/3.0

vr-sfb-dmz.inet.0: 48 destinations, 49 routes (48 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 13w0d 06:41:39
> to <public IP> via ge-0/0/3.0

vr-sfb-int.inet.0: 53 destinations, 56 routes (53 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 13w0d 06:41:39
> to <public IP> via ge-0/0/3.0

vr-capetown.inet.0: 50 destinations, 52 routes (50 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 4w6d 23:23:02
> to <public IP> via ge-0/0/3.0

vr-cptcameras.inet.0: 48 destinations, 49 routes (48 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 3w6d 22:58:55
> to <public IP> via ge-0/0/3.0

vr-triple4.inet.0: 50 destinations, 52 routes (50 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 3w0d 01:37:49
> to <public IP> via ge-0/0/3.0

{primary:node0}[edit]
triple4.gys@jhbsrx345-1#

 

 

 

Attachments