SRX Services Gateway
SRX Services Gateway

cisco switch connect to SRX 650

‎09-09-2019 10:14 AM

Hi everyone .

I have two vlan (10,20) in cisco 2960 switch and connected one port from cisco switch to SRX 650. I configured cisco port switch as trunk .  my question is how can i make inter vlan routing in juniper SRX 650  and i want default gateway for each vlan be in the SRX 650.

tnx

10 REPLIES 10
SRX Services Gateway

Re: cisco switch connect to SRX 650

‎09-09-2019 10:27 AM

Hi Ghasisin,

 

You can setup the interface like this.

You only have to assign the ge-0/0/0.10 and ge-0/0/0.20 interfaces to a Security Zone and create a policy which allows traffic between the security zones

 

interfaces {
    ge-0/0/0 {
        vlan-tagging;
        unit 10 {
            vlan-id 10;
            family inet {
                address 192.168.10.254/24;
            }
        }
        unit 20 {
            vlan-id 20;
            family inet {
                address 192.168.20.254/24;
            }
        }
       }

Regards,

 

Robbert

SRX Services Gateway

Re: cisco switch connect to SRX 650

‎09-09-2019 10:59 AM

Hi Robert . 

Many tnx for your respond 

I'm new  in juniper  .  I've question about layer 2 in  juniper . why we use vlan-tagging again in juniper  , why the port is not as trunk  for accespt vlans that receive  from cisco switch ?

is it possible to implement  port that connect from SRX 650 to switch like that ?

 

 interfaces {
fe-0/0/0 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ vlan-100 vlan-110 vlan-120 ];
}
}
}
}

 

SRX Services Gateway

Re: cisco switch connect to SRX 650

[ Edited ]
‎09-09-2019 11:13 AM

You can also set a port (or multiple ports) to family ethernet-switching with port mode trunk and assign vlans to them

But in my opinion it is more config to achieve the same result.

Especially because you already have a Cisco switch.

 

Beside of

interfaces {
fe-0/0/0 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ vlan-100 vlan-110 vlan-120 ];
}
}
}
}

you have to define the vlans and assign l3 interfaces to them

vlans {
    vlan-100{
        vlan-id 100;
        l3-interface vlan.100;
    }
    vlan-110 {
        vlan-id 110;
        l3-interface vlan.110;
    }
    vlan-120 {
        vlan-id 120;
        l3-interface vlan.120;
    }
}

and create the interfaces themselve

interfaces {
    vlan {
        unit 100 {
            family inet {
                address 192.168.100.254/24;
            }
        }
        unit 110 {
            family inet {
                address 192.168.110.254/24;
            }
        }
    }
   unit 120 {
            family inet {
                address 192.168.120.254/24;
            }
        }
    }
}

Regards,

 

Robbert

SRX Services Gateway

Re: cisco switch connect to SRX 650

[ Edited ]
‎09-09-2019 11:25 AM

ghasisin,

 

Following Robert's configuration is like configuring router-on-a-stick in the Cisco world. It will work for the purposes you explained, however you could also configure the SRX in the way you explained. In that case you need to configure the following:

 

1. Configure the vlans on the SRX

 

 

set vlans VLAN-10 vlan-id 10
set vlans VLAN-20 vlan-id 20

 

 

 

2. Create Layer 3 interfaces for those vlans

 

 

set interfaces vlan.10 family inet address 192.168.10.1/24
set interfaces vlan.20 family inet address 192.168.20.1/24

 

 

3. Link the L3 interfaces to the vlans

 

 

set vlans VLAN-10 l3-interface vlan.10
set vlans VLAN-20 l3-interface vlan.20

 

 

3. Configure the Trunk port towards the SRX:

 

 

set interfaces fe-0/0/0 unit 0 family ethernet-switching port-mode trunk vlan members [ VLAN-10 VLAN-20 ]     }

 

 

 

SRX Services Gateway
Solution
Accepted by topic author ghasisin
‎09-09-2019 11:40 AM

Re: cisco switch connect to SRX 650

‎09-09-2019 11:39 AM

tnx robbert and lpaniagua for you responds and explanation

SRX Services Gateway

Re: cisco switch connect to SRX 650

‎09-09-2019 11:42 AM

You are welcome ghasisin!

 

SRX Services Gateway

Re: cisco switch connect to SRX 650

‎09-09-2019 11:46 AM

Many tnx

SRX Services Gateway

Re: cisco switch connect to SRX 650

‎09-09-2019 12:16 PM

you are welcome Smiley Happy

SRX Services Gateway

Re: cisco switch connect to SRX 650

‎09-10-2019 04:00 PM

The configuration is correct, just dont forget to add the vlan interfaces (vlan.10 and vlan.20 in lpaniagua's example) in to a security-zone.

 

SRX Services Gateway

Re: cisco switch connect to SRX 650

‎09-20-2019 08:03 AM

tnx