SRX

 View Only
last person joined: 16 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  fxp0 and reth in the same subnet

    Posted 04-25-2018 09:18

    Hello,

    I have a SRX3400 cluster with fxp0 in 172.16.0.0/16 for OOB management.

     

    The firewall has 3 zones, public reth0, DC reth1 and Corporate reth2.

    I want to create a 4th zone for the OOB management network itself, in such way some devices from Corporate zone can access devices in OOB network under some policies.

     

    I have created the zone Mgmt and asigned interface reth3 with an ip address under the same subnet that fxp0 has. The result is I have two interfaces fxp0 and reth3 under the same subnet, with different ip addresses.

     

    I cant ping the reth3 interface from OOB network. What could be the cause?

     

    Is this the right approach to achieve initial objective or what would be the right one?

     

    Thanks in advance,

     

    Miguel



  • 2.  RE: fxp0 and reth in the same subnet
    Best Answer

     
    Posted 04-25-2018 19:10

    you cannot keep fxp0 and reth in same subnet. You can put all reth interfaces in a routing-instnace and keep fxp0 alone in default routing instnace to achieve this.

     

    KB30863 may give some details on why the configuration you are tryig is not working



  • 3.  RE: fxp0 and reth in the same subnet

    Posted 04-27-2018 10:15

    Hi Suraj,

    Thanks for your help. It makes perfect sense. I will try and revert.

     

    Basically I have to move all the user traffic interfaces into a new virtual router instance and then also move all the routing related config (in my case just the default route) into this new instance, right?

     

    Kind regards,

     

    Miguel



  • 4.  RE: fxp0 and reth in the same subnet

     
    Posted 04-27-2018 18:10
    That’s correct.