Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1008
  • Last Modified:

Juniper routing 2 trusted subnets

I am having a routing problem on a Juniper SSG-20.  I have recently been running out of IP addresses on my network and wanted to setup a seperate subnet for developement and test machines.  I have 2 interfaces boud to the the trust zone bg0 192.168.34.xxx/24 and 0/3 10.0.34.xxx/24.  I can communicate between both subnets without trouble but only the bg0 interface can connect to the internet.  I have 2 WAN interfaces 1/0 main high speed fiber connection and 4/0 a copper T1 connection for backup.

Below is the Destination routing table.  There are policies to allow Any traffice from Trust to Untrust.  

trust-vr
  IP/Netmask                Gateway              Interface       Protocol Preference Metric Vsys Description Configure
* 10.0.0.0/27                                            ethernet0/1  C                    Root    -
* 10.0.0.1/32                                            ethernet0/1  H                    Root    -
* 192.168.34.0/24                                    bgroup0       C                    Root    -
* 192.168.34.5/32                                    bgroup0       H                    Root    -
* 216.211.255.160/28                              ethernet1/0  C                    Root    -
* 216.211.255.162/32                              ethernet1/0 H                     Root    -
* 0.0.0.0/0                    216.211.255.161 ethernet1/0 S             20 1 Root  
* 10.0.34.0/24                                          ethernet0/3 C                     Root    -
* 10.0.34.5/32                                          ethernet0/3 H                     Root    -
* 206.166.129.112/28                              ethernet0/4 C                     Root    -
* 206.166.129.114/32                              ethernet0/4 H                     Root    -
  206.166.129.112/28  206.166.129.113 ethernet0/4 S             20 1 Root    

Any Help would be greatly appreciated.
0
James Rizzitano
Asked:
James Rizzitano
  • 2
1 Solution
 
kdearingCommented:
I'm not familiar with Juniper but given your situation, a few things come to mindt:
1. all devices have the Juniper as their default gateway
2. NAT/PAT configured for that subnet
3. security rules allow traffic from that subnet

I also noticed that all the other subnets have specific interfaces they're connected to except 192.168.34.0
What interfaces are included in that bridge group?
0
 
James RizzitanoAuthor Commented:
Only interface 0/2 is bound to the Bridge Group bg0
0
 
James RizzitanoAuthor Commented:
Needed to set the internal  interface on my second subnet in the trust zone to NAT it was incorrectly set to route mode.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now