SRX Services Gateway
Highlighted
SRX Services Gateway

Srx100. Inside Vlan routing

‎06-16-2013 02:34 AM

Good day.

 

Need some help(

 

2 hosts in 1 vlan need to communicate.

 

host A 172.22.4.1/24 gw 172.22.4.254

host B 172.16.1.1/24 gw 172.16.1.254

 

srx 100 has:

    vlan {
        unit 0 {
            family inet {
                address 172.22.4.254/24;
                address 172.16.1.254/24;
            }
        }

 

In result both hosts communicate with SRX but dont see each other.

 


What else need to be done for inside vlan routing?

 

In cisco routers adding secondary ip to interface is enough.

 

Will be glad for any help.

2 REPLIES 2
Highlighted
SRX Services Gateway

Re: Srx100. Inside Vlan routing

‎06-16-2013 03:42 AM

Hi,

 

both addresses are in different subnets. So they need to routed. No problem, but a policy should allow this traffic:

 

Try this:

 

set security policy from-zone trust to-zone trust policy intrazone-trust match source-address any destination-address any application any

set security policy from-zone trust to-zone trust policy intrazone-trust then permit

 

Or define a policy like this in the gui (trust to trust any any any permit)

best regards,

Screenie.
Juniper Ambassador, Instructor,JNCIP
If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Highlighted
SRX Services Gateway

Re: Srx100. Inside Vlan routing

‎06-16-2013 03:50 AM

Just a reminder: On a srx in flowmode no L3 traffic is allowed to pass the device, even within the same zone, unless a policy allowes it!

best regards,

Screenie.
Juniper Ambassador, Instructor,JNCIP
If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Feedback