Private VLANs - Juniper SRX Firewall

10-02-2017 10:27 AM
Hi all

We have a link from our Cisco switch to a Juniper SRX firewall where the Cisco end is configured as a promiscuous port. Over this link we configure a primary PVLAN.

Connected to the switch, we also have a bunch of servers, all in the same isolated PVLAN and subnet, which is mapped to the primary. In this situation, how is ARP handled when one server needs to communicate with another? An intra-zone rule on the SRX? Proxy ARP maybe?

Thank you