SRX

last person joined: 18 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  one vlan 2 subnets

    Posted 10-11-2017 03:29

    Hi I have this situaton I have to setup on my SRX two subnets in one VLAN. Here's my interface config, but I am unable

    to route traffic from subnet 1.0 to 3.0 but I am able to route traffic from 3.0 to 1.0. I know its not standart or even recommended but I have to ensure to communicate hosts between subnets for short period of time and then I will reconfigure whole network. Is it possible ? Thanks

     

    description "TRUNK TO CORESW";
    vlan-tagging;
    redundant-ether-options {
     redundancy-group 1;
    }
    unit 1 {
     description LAN;
     vlan-id 1;
     family inet {
     filter {
     input SQUID;
     }
     sampling {
     input;
     output;
     }
     address 192.168.1.1/24 {
     primary;
     }
     address 192.168.3.1/24;
     }
    }



  • 2.  RE: one vlan 2 subnets
    Best Answer

    Posted 10-11-2017 04:53

    The answer will likely be in the security policy configuration.  

     

    Look at the same zone to same zone policies for the zone this unit 1 interface is assigned to.

     

    Also confirm there are no conflicting routes installed for either subnet and that the default gateways for the respective computers are correct.

     

    You can run trace options for the failed traffic to see why the communications is denied.

     

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB21757