SRX Services Gateway

Ping but no other traffic

05-10-2012 03:04 PM
I've got an SRX240 connected to an L3 switch which has 2 VLANs configured. The switch itself does the routing between VLANs, and I've configured static routes on the SRX240 so that it knows how to route to the other VLAN. My problem is that servers on different VLANs can ping each other fine, but no other ports are reachable. If I create a static route on the server itself (instead of it using the SRX240 as its default gateway), then everything works fine. I haven't created any blocking rules on the SRX240 and I've created a policy to allow traffic within a zone.
2 REPLIES

Re: Ping but no other traffic

05-14-2012 05:53 AM

Please share the config.

 

thanks,

raheel


Re: Ping but no other traffic

05-14-2012 09:55 AM

Hi

 

If the server's gateway is the SRX and there is an IP from the same VLAN on the core switch, then traffic from VLAN1 to VLAN2 (the server VLAN) goes from VLAN1 to the servers without going to the SRX, and the return traffic goes through the firewall, which does not have a session and so drops it. This is basically asymmetric routing.

 

Please post the configuration of the core switch and the firewall.

Kashif Rana
JNCIE-SEC, JNCIE-ENT, JNCIE-SP, JNCIS(FWV,SSL),JNCIA(IDP,AC,WX),BIG IP-F5-LTM, CCNP
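The asymmetric path described in the reply above, as an added example that is not part of the original thread: a toy stateful firewall which, as an assumption, creates a TCP session only when it sees the initial SYN. The addresses, ports and all names in the code are constructed for illustration and are not taken from the poster's network.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    flags: str  # "S" = SYN, "SA" = SYN-ACK, "A" = ACK

class StatefulFirewall:
    """Toy model (assumption): only an initial SYN may create a session."""
    def __init__(self):
        self.sessions = set()

    def process(self, p):
        fwd = (p.src, p.dst, p.sport, p.dport)
        rev = (p.dst, p.src, p.dport, p.sport)
        if fwd in self.sessions or rev in self.sessions:
            return "forward"          # matches an existing session
        if p.flags == "S":
            self.sessions.add(fwd)    # first packet of a new flow
            return "forward"
        return "drop"                 # no session and not an initial SYN

def handshake(c2s_via_fw, s2c_via_fw):
    """Trace a TCP handshake; each flag says whether that direction
    is routed through the firewall or directly by the L3 switch."""
    fw = StatefulFirewall()
    client = ("10.0.1.10", 40000)     # constructed host in VLAN1
    server = ("10.0.2.20", 443)       # constructed host in VLAN2
    steps = [("SYN", client, server, "S", c2s_via_fw),
             ("SYN-ACK", server, client, "SA", s2c_via_fw),
             ("ACK", client, server, "A", c2s_via_fw)]
    trace = []
    for name, (sip, sp), (dip, dp), flags, via_fw in steps:
        if via_fw:
            verdict = fw.process(Packet(sip, dip, sp, dp, flags))
        else:
            verdict = "bypass"        # switch routes it, firewall never sees it
        trace.append((name, verdict))
        if verdict == "drop":
            break
    return trace

if __name__ == "__main__":
    print("asymmetric:", handshake(False, True))
    print("both via firewall:", handshake(True, True))
    print("both via switch:", handshake(False, False))
```

The last case corresponds to the static route on the server that the original poster mentions: both directions are routed by the switch, so the firewall's session table is never consulted.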