vSRX
vSRX

traffic unable to pass through vSRX

‎07-21-2019 07:37 PM

Hello great folks,

 

Im creating my own virtual lab with vSRX and practicing with it. I encounter a weird problem, I cannot establish a connection accross 2 host as expected.  I already checked the zones and policies of the interfaces but no luck. Please help me, i dont know what config i am missing or what might be the problem. I tried using vSRX version 15.1X49-D170 and 15.1X49-D180 but encountering same problem. Thanks in advance

 

vSRX1.pngvSRX2.png

 

4 REPLIES 4
vSRX

Re: traffic unable to pass through vSRX

‎07-21-2019 08:07 PM

Hello,

 

Are you sure this traffic is coming onto the vSRX?

 

I see both hosts are in same subnet. In that case, when you initiate ping from 10.100.100.8 for 10.100.100.10, it will generate a ARP query for 10.100.100.10. Since this host is in different broadcast domain, the ARP query will go unanswered and vSRX will not receive the ping packet.

 

Do you have any special requirement to have the hosts in same subnet communicate via vSRX?

If so, then you may want to configure proxy arp for 10.100.100.10 on ge-0/0/0 of vSRX such that vSRX will respond to the ARP query and receive the ICMP packet. Similarly, proxy arp for 10.100.100.8 needs to be configured on ge-0/0/1.

 

If there is no such need, please change the subnet on one side and test the connectivity.

 

Thanks,

Pranita

Highlighted
vSRX

Re: traffic unable to pass through vSRX

‎07-21-2019 08:28 PM

oh ok, im trying to imitate an infrastructure and it is only a part.  I think will modify a few things to make things simple for me. 

 

Thank you very much 

vSRX

Re: traffic unable to pass through vSRX

‎07-22-2019 07:48 AM

James,

 

I am just trying to understand why 2 layer3 interfaces on the vSRX (ge-0/0/0, ge-0/0/1) are in the same subnet?

 

Did you mean to enable switching/layer2 on these perhaps?

 

If you're just learning to play around the interface/junos in general, I would use something like this:

 

Host1 (10.100.100.8) ---- (10.100.100.5/24) ge-0/0/0 SRX ge-0/0/1 (10.100.200.6/24) ---- (10.100.200.10) Host2

 

That, if all you want to achieve is a successful session and observe how the flow works on the vSRX/Junos platform.

 

If not, the two interfaces need to be in ethernet-switching if you plan on maintaining the same subnet across both interfaces.

 

Share your thoughts.

 

Cheers

Pooja

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!

vSRX

Re: traffic unable to pass through vSRX

‎07-26-2019 02:58 PM

James,

 

Just following up, did you get the chance to review our posts on here?

 

Did you have any more questions?

Cheers

Pooja