SRX

I'm very new to SRX220 and I apologize for asking something potential stupid.

I have a SRX220 which connects at ge-0/0/0 to a VDSL2 modem (configured in bridge mode) to the internet. This connection works fine. At present time I have a simple level 2 switch box which connects the modem with the SRX220. My intention is to use ge-0/0/5 and ge-0/0/6 for that connection. This is because the only way (right now) to verify the modem status is to logon to the modem's web interface. Doing it with my laptop via that level 2 switch works fine. Using the ports of the SRX220 shuts down the PPPoE connection immediately. What is my mistake? Thanks!

I have configured:

vlan4 {
     vlan-id 4;
}

and ge-0/0/5 and ge-0/0/6 as:

ge-0/0/x {
   unit 0 {
      family ethernet-switching {
         vlan {
            members vlan4;
         }
      }
   }
}

Hello, Wilfried

I am trying to understand the current and the desired topology in order to help you. Please let me know if they look like this:

Current topology:

SRX-(ge-0/0/0)----------Modem

Desired Topology:

Laptop--------(ge-0/0/5)-SRX-(ge-0/0/6)----------L2_Switch-------Modem

Can you also share the current configuration of ge-0/0/0 and please elabrote on the meaning of "Using the ports of the SRX220 shuts down the PPPoE connection immediately". Thanks 

Hi epaniagua,

First of all, thank you so much for your prompt reply.

Right now:

SRX-(ge-0/0/0)---------L2_Switch-------Modem

                                                              |

                                                              |

                                                              +- - Laptop

Plan:

SRX-(ge-0/0/0)---------(ge-0/0/5)-SRX-(ge-0/0/6)------Modem

Intention of my next step is to create a „l3-interface vlan.4;“ to get to the modem‘s web interface. Again - port (ge-0/0/0) is configured as PPPoE connection to my ISP and all ip-traffic on that port is sent via the modem to the internet.

... I‘m sorry, I missed some information.

ge-0/0/0 {
   description "ISP T-Online";
   vlan-tagging;
   mtu 1514;
   link-mode full-duplex;
   gigether-options {
      no-auto-ntegotiation;
   }
   unit 0 {
      description "ISP T-Online";
      encapsulation ppp-over-ether;
      vlan-id 7;
   }

}

When using the separate level2 switch, PPPoE connection is established. When changing to the planned configuration, PPPoE goes down (of course) and connection will not get up again.

Thanks.

Wilfried,

Your ge-0/0/0 interface is expecting tagged packets with vlan-id 7. For the SRX, in between, to keep those tags it has to have its interfaces in trunk mode:

vlan7 {
      vlan-id 7;
      }

and ge-0/0/5 and ge-0/0/6 as:

ge-0/0/X {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ vlan4 ];
    }
}

Try it and let us know. If it works please mark it as Resolved =P 

Hello epaniagua,

Thank you for your help and pointing me into the right direction. The solution did worked as soon as I also added vlan7 to the vlan members list.

for ge-0/0/5 and ge-0/0/6:

ge-0/0/X {
   unit 0 {
      family ethernet-switching {
         port-mode trunk;
         vlan {
            members [ vlan4 vlan7 ];
         }
      }
   }
}