vSRX (Firefly): IPSec tunnels: st0-interface, not in any zone?

‎05-18-2015 03:02 AM

Hello All


Im running a setup with two virtual SRXs and one physical. 

I can ping and ssh between the boxes - Im running flow/sec-mode


I want to create IPSec tunnels between the vSRXs and the real one, but the SA does not come up on the vSRX

I use the standard guides for building IPSec and Im testing wiht Pre-shared-keys, to keep it simple.

Im running the following version:


root> show version
Model: firefly-perimeter
JUNOS Software Release [12.1X47-D20.7]


But I get the following error:


[May 13 14:47:45]Couldn't get the zone information for interface st0, error No such file or directory



root> show security ike security-associations



For each vSRX I have two NICs allocated to the VMs: one for trust and one for un-trust.

Here is my interfaces:


root> show interfaces terse
Interface Admin Link Proto Local Remote
ge-0/0/0 up up
ge-0/0/0.0 up up
gr-0/0/0 up up
ip-0/0/0 up up
lsq-0/0/0 up up
lt-0/0/0 up up
mt-0/0/0 up up
sp-0/0/0 up up
sp-0/0/0.0 up up inet
sp-0/0/0.16383 up up inet --> --> 0/0 --> --> 0/0
ge-0/0/1 up up
ge-0/0/1.0 up up inet
dsc up up
gre up up
ipip up up
irb up up
lo0 up up
lo0.16384 up up inet --> 0/0
lo0.16385 up up inet --> 0/0 --> 0/0 --> 0/0 --> 0/0 --> 0/0
lo0.32768 up up
lsi up up
mtun up up
pimd up up
pime up up
pp0 up up
ppd0 up up
ppe0 up up
st0 up up 
st0.0 up up inet
tap up up
vlan up down



- the tunnel-interface st0 is up



Any help is appreciated



Accepted by topic author christianVP
‎08-26-2015 01:27 AM

Re: vSRX (Firefly): IPSec tunnels: st0-interface, not in any zone?

‎05-20-2015 04:51 AM

Re: vSRX (Firefly): IPSec tunnels: st0-interface, not in any zone?

‎07-17-2015 03:16 AM

Hi Chris,


Could you please share your observation using latest Firefly Perimeter instance?


Please let me know if you still have any questions.