SRX Services Gateway
Highlighted
SRX Services Gateway

SRX1400 a new installation

[ Edited ]
‎05-24-2018 03:42 AM

Dear all,

 

   I have a new SRX1400 configuration, after i finish configuration i connect a Laptop interface to ge 0/0/0 , but i cannot reach ge 0/0/0 IP Address from my Laptop and also cannot reach my Laptop IP address from ge 0/0/0 , that is my configuration:

 

Laptop interface ip address: 192.168.3.1

 

admin@CIG-HQ# run show configuration
## Last commit: 2018-05-24 11:18:27 UTC by admin
version 12.3X48-D30.7;
system {
host-name CIG-HQ;
root-authentication {
encrypted-password "$1$7q9.bQor$DL82Udw7QTglbnw8QKaLE1"; ## SECRET-DATA
}
login {
user admin {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$zCoWnNIU$ybHRtNyEddKjVv2BPO3oW/"; ## SECRET-DATA
}
}
}
services {
ssh;
telnet;
web-management {
http;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 192.168.3.3/24;
}
}
}
ge-0/0/1 {
unit 0 {
family inet {
address 192.168.33.3/24;
}
}
}
fxp0 {
unit 0 {
family inet {
address 192.168.1.1/24;
}
}
}
}
snmp {
community public {
authorization read-only;
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 192.168.3.1;
}
}

[edit]
admin@CIG-HQ#

 

 

admin@CIG-HQ# run ping 192.168.3.3
PING 192.168.3.3 (192.168.3.3): 56 data bytes
64 bytes from 192.168.3.3: icmp_seq=0 ttl=64 time=0.247 ms
64 bytes from 192.168.3.3: icmp_seq=1 ttl=64 time=0.159 ms
64 bytes from 192.168.3.3: icmp_seq=2 ttl=64 time=0.167 ms
64 bytes from 192.168.3.3: icmp_seq=3 ttl=64 time=0.174 ms
^C
--- 192.168.3.3 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.159/0.187/0.247/0.035 ms

 

 

[edit]
admin@CIG-HQ# run ping 192.168.3.1 source 192.168.3.3
PING 192.168.3.1 (192.168.3.1): 56 data bytes

 

3 REPLIES 3
SRX Services Gateway

Re: SRX1400 a new installation

[ Edited ]
‎05-24-2018 04:07 AM

as the SRX name says it is not a router it is a firewall, thus you need to

either put it to packet-mode, then it behaves like a router

or

you need to configure zones and host in bound services

 

regards

alexander

 

PS: Day One book about SRX up and running from juniper website can be a help

SRX Services Gateway

Re: SRX1400 a new installation

‎05-24-2018 05:38 AM

thx for repling,

okay i removed a Laptop and i add L3 Cisco switch,  i am also unable to ping from switch interface 0/25 to srx ge 0/0/0 interface.

 

 

this is switch interface configuration:

 

interface GigabitEthernet0/25
no switchport
ip address 192.168.3.1 255.255.255.0

 

 

SRX Services Gateway
Solution
Accepted by topic author Mar0
‎05-27-2018 12:39 AM

Re: SRX1400 a new installation

‎05-24-2018 06:22 AM

Like Alexander mentioned, the SRX is a firewall by default and not a router.  The SRX interfaces will not process any traffic until they are assigned to security zones, the appropriate inbound traffic is permitted, and security policies are defined.  You will need to properly set up the 'security' portion of the config with all of those features before traffic will flow.  Or, you can set the device into packet mode and it will perform standard routing functions, but you lose all firewall functionality.

 

The SRX Day One book available at https://www.juniper.net/us/en/training/jnbooks/day-one/srx-up-running/index.page should walk you through everything you'll need to configure.