SRX Services Gateway
SRX Services Gateway

fxp0 on SRX300 - SRX packet-mode OOB management

‎03-11-2019 07:03 AM

Is it possible to convert one of the revenue (ge-) interfaces to fxp0 (management interface) without actually forming a cluster?

I need this kind of interface for secure OOB management. Unfortunately SRX300-SRX320 have no dedicated fxp0.

I know I could:

- use a management zone to emulate fxp behavior -> but the device is in packet-mode... 

- just put the interface in a separater VR and forgetr about it

 

I am just looking for more elegant solution.

 

Regards,

Pawel Mazurkiewicz

4 REPLIES 4
SRX Services Gateway

Re: fxp0 on SRX300 - SRX packet-mode OOB management

‎03-11-2019 10:11 AM

Re-configure the device in in flow mode and use Selective stateless packet-based services which allow you to simultaneously use both flow-based and packet-based forwarding on a system. In this case you can use managment zone

 

Thanks,
Nellikka
JNCIE x3 (SEC #321; SP #2839; ENT #790)
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
SRX Services Gateway

Re: fxp0 on SRX300 - SRX packet-mode OOB management

‎03-11-2019 10:12 AM

And the KB is : https://kb.juniper.net/InfoCenter/index?page=content&id=KB26757

 

Thanks,
Nellikka
JNCIE x3 (SEC #321; SP #2839; ENT #790)
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
SRX Services Gateway
Solution
Accepted by topic author pmazurkiewicz
‎03-14-2019 04:58 AM

Re: fxp0 on SRX300 - SRX packet-mode OOB management

‎03-11-2019 10:12 AM

I don't think there is a way to do that.  ge-0/0/0 automatically becomes fxp0 when you create a cluster of SRX300s, but you only have one SRX, right?  You could consider turning clustering on, even if you have one SRX, BUT, you would lose ge-0/0/1 as a revenue port, as ge-0/0/1 becomes fxp1 (control link) when you turn on clustering. 

 

I would say your best option is the routing instance since you are in packet mode. 

Yasmin Lara - Juniper Ambassador #QuadE - JNCIE-SP, JNCIE-ENT, JNCIE-DC, JNCIE-SEC
JNCIS-CLOUD, JNCDS-DC, JNCIA-DevOps
SRX Services Gateway

Re: fxp0 on SRX300 - SRX packet-mode OOB management

‎03-14-2019 05:00 AM

Yeah, I will use routing instance for the revenue ports and leave only management interface in the default one. 

Thanks Yasmin!

 

Regards,

Pawel Mazurkiewicz