newgentechnologies
asked on
2 Subnets on 1 Interface w/ NetScreen 25
Hi I'm running a NetScreen 25 w/ 5.3r2 software.
I have an existing subnet from my ISP that we outgrew. The ISP assigned us an additional subnet because no adjacent subnets are available. We have to keep both subnets because we have a ton of production equipment on the origonal subnet.
We have talked to Juniper and they told us this is possible using a Sub-Interface, but we haven't got it to work yet. The problem is I cannot find any documentation to provide me with details as to how it works.
As it stands now I have a sub-if with and IP on the new subnet. When I try to assign an address from the new subnet to a device, the device is unable to ping anything. Not the gateway, not another device on the same subnet, not a device on the origional subnet, and not on the internet. I think the problem must be an issue with the firewall understanding the subnet or maybe even a policy issue.
Thanks in advance,
Lee
I have an existing subnet from my ISP that we outgrew. The ISP assigned us an additional subnet because no adjacent subnets are available. We have to keep both subnets because we have a ton of production equipment on the origonal subnet.
We have talked to Juniper and they told us this is possible using a Sub-Interface, but we haven't got it to work yet. The problem is I cannot find any documentation to provide me with details as to how it works.
As it stands now I have a sub-if with and IP on the new subnet. When I try to assign an address from the new subnet to a device, the device is unable to ping anything. Not the gateway, not another device on the same subnet, not a device on the origional subnet, and not on the internet. I think the problem must be an issue with the firewall understanding the subnet or maybe even a policy issue.
Thanks in advance,
Lee
ASKER
No we need the other ports for other purposes and need both subnets accessable in the same zone.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have sub interface ethernet2.1 which is in my DMZ zone along with my first subnet, and the link status is ready.
That's why I'm wondering if there's something to do with my policies or something.
That's why I'm wondering if there's something to do with my policies or something.
ASKER
The issue was that I should have been using a second IP not a sub interface.
Thanks jabiii
Thanks jabiii
cool :) glad you got it working, sorry I didn't respond to you afterwords, I had already left hehe
hi5
hi5
like have 2 ports trust 2 ports untrust?
are we talking class c or b addresses? what's the subnet mask and 3rd octet?