I need help configuring a Juniper SRX210
router; it's new so assume it has the latest JunOS. we recently had a major Telco install Fibre internet
(10Mbps full) but it is "Customer Managed
" meaning they just provide a fibre transceiver with an RJ-45 port and we're supposed to do the rest!
We were told to purchase the Juniper SRX210he router, and they sent us the networking details we'd need to configure it. Unfortunately I've never used JunOS and BGP; I have used Juniper ScreenOS with Amazon's VPC service, and various other routers, but not much else with BGP. So I don't really know where to begin. I'm not even sure what this config is called so I'm not even sure what to search for.
I would like the SRX210 to act the "default gateway" for our existing router
(a SonicWALL), so in theory it shouldn't need much config as it only needs to route all packets between us and the internet, no NAT or filtering (our SonicWALL is already configured for all that). Like:
[ISP Fibre] -- [ISP Transceiver] -- [Juniper SRX210
] -- [Our SonicWALL] -- [Our LAN]
Here is the (sanitized) info we were given
(I've substituted different values in some places, but the idea is the same):
Customer Service ID: 1587599
Routing Protocol: BGP
ISP ASN: 6582
Customer ASN: 65422
BGP Password: 1587599
ISP Primary Internet IP: 220.127.116.11/30
Customer Primary Internet IP & Subnet Mask: 18.104.22.168 / 255.255.255.252
Primary Internet VLAN: 1900
ISP Secondary Internet IP: 22.214.171.124/30
Customer Secondary Internet IP & Subnet Mask: 126.96.36.199 / 255.255.255.252
Secondary Internet VLAN: 1901
Routable LAN IP & Subnet mask: 188.8.131.52/29
Useable LAN IPs: 184.108.40.206 - 14
What I believe needs to be done
1. Configure an interface with 2 VLANs/virtual interfaces, one each for the Primary and Secondary IPs. Connect to the Fibre connection.
2. Configure an interface with a usable IP (such as 220.127.116.11/29). Connect to our router.
3. Configure eBGP between the Juniper and the ISP.
4. Place all interfaces in the same trust zone.
5. Disable NAT.
6. Disable any firewall rules (or configure any/any/any rules).
7. Configure routing. I assume ISP will advertise a default route to the internet. The Juniper may need to advertise the 18.104.22.168/29 network back to ISP.
8. Are there additional steps needed on the Juniper to enable Steps A-C on the SonicWALL (below)?
Then I should be able to
A: Assign 22.214.171.124/29 to our SonicWALL
B: Use 126.96.36.199 as the Default Gateway on our SonicWALL
C: Use this Fibre internet connection.
(I can do these)
Can anyone help with Steps 1-8?
Either a config
I can edit, paste in and use? Or guide me
to what I need to do? Or point me to a site/document
with info to accomplish what I need to do?
I have tried searching along the lines of Juniper/JunOS BGP Customer Gateway, etc but since I don't know what the ISPs/Network Gurus would call this I'm not having much luck. I suspect it's probably easier than I think, I just don't know where to begin, I am fairly proficient with networking, just not JunOS or BGP.
Thanks so much!