Hello everyone.
I just bought SRX 100 and deleted all the default config.
Please consider the following set up:
Cisco R1 f1 199.199.199.10---------199.199.199.1 f0/0/0 SRX
Cisco R1 and SRX should talk using dot q tag 10
ISSUE:
R1 can not ping 199.199.199.1 because SRX does not respond to R1's ARP request for 199.199.199.1:
SRX Config:
root> show configuration | display set
set version 11.4R7.5
set system root-authentication encrypted-password "$1$K8pkQCB3$PMhEh2V68NzABTnuUWOiv0"
set system services ssh
set system services telnet
set system services xnm-clear-text
set system services web-management http interface vlan.0
set system services web-management https system-generated-certificate
set system services web-management https interface vlan.0
set system syslog archive size 100k
set system syslog archive files 3
set system syslog user * any emergency
set system syslog file messages any critical
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands error
set system max-configurations-on-flash 5
set system max-configuration-rollbacks 5
set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
set interfaces fe-0/0/0 vlan-tagging
set interfaces fe-0/0/0 unit 0 vlan-id 20
set interfaces fe-0/0/0 unit 0 family inet address 200.200.200.1/24
set interfaces fe-0/0/0 unit 10 vlan-id 10
set interfaces fe-0/0/0 unit 10 family inet address 199.199.199.1/24
set interfaces fe-0/0/1 unit 0
set interfaces fe-0/0/2 unit 0
set interfaces fe-0/0/3 unit 0
set interfaces fe-0/0/4 unit 0
set interfaces fe-0/0/5 unit 0
set interfaces fe-0/0/6 unit 0
set interfaces fe-0/0/7 unit 0
set security screen ids-option untrust-screen icmp ping-death
set security screen ids-option untrust-screen ip source-route-option
set security screen ids-option untrust-screen ip tear-drop
set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048
set security screen ids-option untrust-screen tcp syn-flood timeout 20
set security screen ids-option untrust-screen tcp land
set security zones security-zone TRUST interfaces fe-0/0/0.10 host-inbound-traffic system-services all
set security zones security-zone TRUST interfaces fe-0/0/0.10 host-inbound-traffic protocols all
set security zones security-zone TRUST interfaces fe-0/0/0.0
#########################
what am i missing?