SRX

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  Anyway to create a bridge interface?

    Posted 08-31-2009 12:46
    Can anybody tell me how to create switch ports on an SRX210? I'm basically looking for the same functionality you can do on an SSG5/20 (ScreenOS), where you would have a bgroup0 that contains all of your interfaces that make up the switchports. Any help would be apprecaited... thanks.
    #srx210
    #Configuring
    #Port
    #switch
    #bgroup0


  • 2.  RE: Anyway to create a bridge interface?
    Best Answer

    Posted 08-31-2009 20:02

    Hi Berto,

     

    L2 Transparent mode (creating bridge domain) is not supported in SRX 210. It only supported in high end SRX i.e. SRX 3400, 3600, 5600, and 5800.

     

    _Ronin 

    Message Edited by _Ronin on 08-31-2009 08:27 PM
    Message Edited by _Ronin on 08-31-2009 08:28 PM

    #Transparent


  • 3.  RE: Anyway to create a bridge interface?

    Posted 09-01-2009 13:08

    Thanks for the info Ronin.... could you by chance also take a look at my reply on this thread? I am still having issues with Dynamic VPN. I am very new to JUNOS, and this forum seems heaven sent if people like you can assist. Thanks again!

     

    http://forums.juniper.net/jnet/board/message?board.id=srx&message.id=344#M344



  • 4.  RE: Anyway to create a bridge interface?

     
    Posted 09-05-2009 07:22

    I think the discussion may have gone a bit off track..  If you're looking to do transparent mode firewalling like ScreenOS, then yes, that's only available in SRX 3000 and 5000 series.

     

    I believe, however, that you're just looking to emulate a bgroup, like an SSG.  That's actually fairly simple.  Syntax is identical to EX switches.  A ScreenOS bgroup is roughly equivalent to a JUNOS vlan+rvi (routed vlan interface).

     

    An example that will make a bgroup out of the first 4 ports on an SRX210, and assign IP 192.168.1.1/24:

     

    set int ge-0/0/0.0 family ethernet-switching 

    set int ge-0/0/1.0 family ethernet-switching

    set int fe-0/0/2.0 family ethernet-switching

    set int fe-0/0/3.0 family ethernet-switching 

    set vlans default l3-interface vlan.0

    set int vlan.0 family inet addr 192.168.1.1/24

     

    Note that you can't have both family ethernet-switching and family inet configured at the same time on the same interface.  At that point, you'll need to assign vlan.0 to a zone, just like it was a physical interface.



  • 5.  RE: Anyway to create a bridge interface?

    Posted 09-05-2009 14:16
    I thought I read somewhere only Gig ports can run in switching mode!


  • 6.  RE: Anyway to create a bridge interface?

    Posted 09-05-2009 16:24

    I just finished SRX training last week and got my brand shiny new SRX210 (it's kind of like Christmas in summer 🙂

     

    Playing with config's and this one works just great - ge&fe in a bridge group are no problem.



  • 7.  RE: Anyway to create a bridge interface?

    Posted 09-06-2009 13:17

    Smiley Very Happy Your very own 210? You lucky guy!! With IDP license? What's more to wish for?!

     

    Thank you very much for your answer, will try it soon!



  • 8.  RE: Anyway to create a bridge interface?

    Posted 09-08-2009 13:59

    I tried on J-serie PIM and on chassis ports of a srx 210. Works realy cool. Same config as a EX.