Hello, i want to ask,
i have 2 internet connection with static ip public and i want to configure my juniper srx 100 with scenario like this:
a. user with ip address list 1-30 connect to internet with ISP 1
b. user with ip address 31-254 connect to internet with ISP 2
i have already configure fortigate with scenario like that use routing policy for dual internet connection
can i do that routing policy like fortigate in juniper srx 100 ?
anyone can help me ?
sorry for my bad english.
Yes you can do this.
Put both the ISPs in different routing instance.
keep one in inet.o and the second one in another routing instance.
create firewall filter to route traffic
filter term 1 will have the source 31-254 ips and destination any and the action as then accept routing-instance instance 1.
filter term 2 will have action as then accept.
set firewall filter routing term1 from source-address 31-254 ips
set firewall filter routing term 1 from destination-address 0.0.0.0
set firewall filter routing term 1 then accept
set firewall filter routing term 1 then routing-instance instance1
set firewall filter routing term 2 then accept
apply this firewall filter to the interface which is the ingress interface.
set interface ge-0/0/2.0 family inet filter input routing
Also you could go through this KB which talks about the scenario.