MarkoIreland
asked on
Basic VLAN config on Juniper EX3200
Hi
I have inherited a Juniper EX3200 switch and am trying to configure it for our small branch office. There are no downstream managed switches at present. Note that I am very new to switch configuration and especially Junos.
What I want to achieve is to have 3 VLANs ( Server, Desktop & Wifi) with one uplink (ge-0/0/23) from the switch to our DSL router, address 192.168.1.1.
I can create the VLANs and RVIs. If I plug devices into ports which have VLANs assigned I can also ping the addresses of the RVIs, but can't get "outside" of the switch i.e. I can't ping 192.168.1.1.
I have been playing around with this for a few days, creating static routes and whatnot, but all to no avail.
So, I stripped everything back to barebones. The attached config file basically creates a VLAN & RVI, and assigns it to port ge-0/0/22. Port ge-0/0/23 is still the uplink but is a standard access port. The rest of the ports have no VLAN assigned at present.
What else do I need to configure to be able to talk to the router and the outside world? I'm sure it's something really simple that I'm missing.
Any help and perhaps sample configs would be much appreciated!
Thanks
config.txt
I have inherited a Juniper EX3200 switch and am trying to configure it for our small branch office. There are no downstream managed switches at present. Note that I am very new to switch configuration and especially Junos.
What I want to achieve is to have 3 VLANs ( Server, Desktop & Wifi) with one uplink (ge-0/0/23) from the switch to our DSL router, address 192.168.1.1.
I can create the VLANs and RVIs. If I plug devices into ports which have VLANs assigned I can also ping the addresses of the RVIs, but can't get "outside" of the switch i.e. I can't ping 192.168.1.1.
I have been playing around with this for a few days, creating static routes and whatnot, but all to no avail.
So, I stripped everything back to barebones. The attached config file basically creates a VLAN & RVI, and assigns it to port ge-0/0/22. Port ge-0/0/23 is still the uplink but is a standard access port. The rest of the ports have no VLAN assigned at present.
What else do I need to configure to be able to talk to the router and the outside world? I'm sure it's something really simple that I'm missing.
Any help and perhaps sample configs would be much appreciated!
Thanks
config.txt
ASKER
Hi harbor235
Yes, I set the default route on each of the devices e.g. desktops, to point to the relevant RVI as the default gateway.
As for a static route, I created a route with 0.0.0.0 as the address and 192.168.1.1 (router) as the next hop. However, this didn't seem to work.
Is it best to use a static route or dynamic routing in this situation?
Thanks
Yes, I set the default route on each of the devices e.g. desktops, to point to the relevant RVI as the default gateway.
As for a static route, I created a route with 0.0.0.0 as the address and 192.168.1.1 (router) as the next hop. However, this didn't seem to work.
Is it best to use a static route or dynamic routing in this situation?
Thanks
So you have several things going on here, the WIFI vlan is the only vlan I see defined properly and you have not assigned vlans to any port.
for example to assign a vlan to a port;
ge-0/1/2 {
description "Test Port"
unit 0 {
family ethernet-switching;
port-mode access;
vlan {
members WIFI;
}
Static Routing;
routing-options {
static {
route 0.0.0.0/0 next-hop 192.168.1.1;
}
as so on, you see?
harbor235 ;}
for example to assign a vlan to a port;
ge-0/1/2 {
description "Test Port"
unit 0 {
family ethernet-switching;
port-mode access;
vlan {
members WIFI;
}
Static Routing;
routing-options {
static {
route 0.0.0.0/0 next-hop 192.168.1.1;
}
as so on, you see?
harbor235 ;}
ASKER
Hi harbor235
I thought I had configured port ge-0/0/22 as belonging to VLAN "Wifi", just for testing ( see extract from config below)?
vlans {
Wifi {
vlan-id 40;
interface {
ge-0/0/22.0;
}
l3-interface vlan.1;
}
default {
l3-interface vlan.0;
}
}
From a laptop connected to port ge-0/0/22 I can ping the RVI (192.168.4.1) and the switch address (192.168.1.10), but not the DSL router at 192.168.1.1.
Even if I add the static router it doesn't seem to make any difference.
Thanks
I thought I had configured port ge-0/0/22 as belonging to VLAN "Wifi", just for testing ( see extract from config below)?
vlans {
Wifi {
vlan-id 40;
interface {
ge-0/0/22.0;
}
l3-interface vlan.1;
}
default {
l3-interface vlan.0;
}
}
From a laptop connected to port ge-0/0/22 I can ping the RVI (192.168.4.1) and the switch address (192.168.1.10), but not the DSL router at 192.168.1.1.
Even if I add the static router it doesn't seem to make any difference.
Thanks
vlans {
Wifi {
vlan-id 40;
interface {
ge-0/0/22.0;
}
l3-interface vlan.1;
}
default {
l3-interface vlan.0;
You created a layer 3 inerface ge-0/0/22.0 linked to vlan 1 - 192.168.4.1, not quite the same.
http://kb.juniper.net/InfoCenter/index?page=content&id=KB11000
harbor235 ;}
Wifi {
vlan-id 40;
interface {
ge-0/0/22.0;
}
l3-interface vlan.1;
}
default {
l3-interface vlan.0;
You created a layer 3 inerface ge-0/0/22.0 linked to vlan 1 - 192.168.4.1, not quite the same.
http://kb.juniper.net/InfoCenter/index?page=content&id=KB11000
harbor235 ;}
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Problem was solved by defining reciprocal routes.
Did you set up a static default route or use a dynamic routing protocol so you can route to 192.168.1.1 from the Juniper switch?
harbor235 ;}