Hi,
Our ISP want to monitor SRX(MPLS mode) loopback IP(Provided by ISP) from below given IP subnet.
ISP has shared below Cisco router configuration and request us to configure the same on SRX.
access-list 98 permit tcp 203.62.38.0 0.0.0.255
access-list 98 permit tcp 203.62.39.0 0.0.0.255
access-list 98 deny any log
snmp-server community rcuil RO 98
snmp-server ifindex persist
ip route 203.62.38.0 255.255.255.0 <PE WAN IP>
ip route 203.62.39.0 255.255.255.0 <PE WAN IP>
Advertize the loopback IP address in the BGP if BGP is running
OR configure static route
ip route <loopback ip> <subnet mask> <pe wan ip>
Please find attached SRX configuration display set output. We are allowing only 203.62.3X.X/24 subnet for SNMP access using firewall filters for addon security. lo.15 interface will be monitor by ISP. Airtel link is terminated under "office" VRF interface ge-0/0/6.
After commit this configuration BGP peer was up but network users could not get access (i.e. linc, email, web etc.)
Kindly suggest how to fix it.
Thank you...