kinsja1
asked on
Juniper SRX configuration - basic config
Hi,
I'm missing something simple with my basic setup on SRX cluster. I would like 2 interfaces to be on the same vlan with PCs directly connected. There is a source nat in place for outbound access. I have connected a test PC but cannot even ping the gateway from either interface. Here is a snippet of config I ran.
set vlans vlan-60 vlan-id 60
set vlans vlan-60 l3-interface vlan.60
set interfaces vlan unit 60 family inet address 192.168.60.1/24
set interfaces interface-range interfaces-vlan60 member ge-0/0/6
set interfaces interface-range interfaces-vlan60 member ge-0/0/7
set interfaces interface-range interfaces-vlan60 unit 0 family ethernet-switching vlan members vlan-60
set security zones security-zone trust interfaces vlan.60
set security zones security-zone trust interfaces vlan.60 host-inbound-traffic system-services all
set security zones security-zone trust host-inbound-traffic protocols all
My PC has IP settings (192.168.60.60, 255.255.255.0, 192.168.60.1)
The troubleshooting section of jweb ping says no route to host.
Thanks for help!
I'm missing something simple with my basic setup on SRX cluster. I would like 2 interfaces to be on the same vlan with PCs directly connected. There is a source nat in place for outbound access. I have connected a test PC but cannot even ping the gateway from either interface. Here is a snippet of config I ran.
set vlans vlan-60 vlan-id 60
set vlans vlan-60 l3-interface vlan.60
set interfaces vlan unit 60 family inet address 192.168.60.1/24
set interfaces interface-range interfaces-vlan60 member ge-0/0/6
set interfaces interface-range interfaces-vlan60 member ge-0/0/7
set interfaces interface-range interfaces-vlan60 unit 0 family ethernet-switching vlan members vlan-60
set security zones security-zone trust interfaces vlan.60
set security zones security-zone trust interfaces vlan.60 host-inbound-traffic system-services all
set security zones security-zone trust host-inbound-traffic protocols all
My PC has IP settings (192.168.60.60, 255.255.255.0, 192.168.60.1)
The troubleshooting section of jweb ping says no route to host.
Thanks for help!
DarinTCH
Have you seen the "golden configs" on junipers site for branch devices....they walk u through the basics
ASKER
Hi Darin,
Yes this is what I have used to set it up. However can't get it to work. I've run through their examples a good few times and checked it's correct.
Yes this is what I have used to set it up. However can't get it to work. I've run through their examples a good few times and checked it's correct.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Reboot was all that was needed.
ASKER
Thanks