Solved

Juniper SSG5 - no connectivity

Posted on 2011-03-19
2
668 Views
Last Modified: 2012-05-11
Hi, im am trying to setup a new SSG5. I have been given small /29 subnett with public IP's and I can not get it to work.

I have added a default route, but i cannot reach anything outside fram the inside.
Can anyonw see if have i have done something wrong here?  The Untrust Eth0/0 has this config:
set interface ethernet0/0 ip 87.110.178.210/29

And the default route looks like this:
set route 0.0.0.0/0 interface ethernet0/0 gateway 87.110.178.209


I can not ping anything on the outside.

I also have setup a test D-Link router which is working on IP 87.110.178.214 so i know that the subnet is working.
-cfg-2-.txt
0
Comment
Question by:xcomiii
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 70

Accepted Solution

by:
Qlemo earned 500 total points
ID: 35173237
Your config seems to be ok. Only note I have is that you have defined the same gateway twice - once for the interface, and another one in the trust-vr vrouter setup. I would only use the interface one, and allow adding the default gateway again:
set vrouter "trust-vr"
set add-default-route
unset route 0.0.0.0/0 interface ethernet0/0 gateway 87.110.178.209
exit

Open in new window

Did you check if policy 1 is hit at all? You have setup session logging, so you should see that.
And of course you checked you can reach your default gateway?!
0
 
LVL 9

Author Comment

by:xcomiii
ID: 35173847
Thanks for your reply.
I did try to remove the second gateway, but "in use" error appeared.
However, you did point me in the right direction so i decided to restore the box to default setting and start over again, this time with only one gateway.

So now it works like dream, thank you.
0

Featured Post

How to Defend Against the WCry Ransomware Attack

On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA 5512 LAN Config 16 127
Port forwarding 14 199
SonicWALL SIP Transformation Problem 4 162
What is an ASP Table on a Cisco ASA? 3 69
In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question