I have a problem regarding connecting to Skyatp cloud.
the Problem is i can only ping the internet from specific interface.
If i dont specify the source interface i cant ping or have a DNS lookup.
is there a way to force the connection to gets out from the untrust interface?
When connecting to the Internet the SRX will use by default the IP address of the interface facing the Internet (usually the interface in the untrust zone). To what interface is linked the address being used now? Can you share a "> show route 184.108.40.206" to better understand your implementation.
The following document explains more about the source address to be used for outbound traffic generated by the SRX:
And in the following discussion it was suggested to specify a source-address for the packets sent to the DNS server:
You could try a "monitor traffic" as suggested in the above link to confirm the source-IP being used right now.
the output from
admin@node0> show route 220.127.116.11
inet.0: 204 destinations, 205 routes (204 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both
0.0.0.0/0 *[Static/5] 09:23:10> to X:X:X:X via reth0.1000[Static/5] 09:23:09> to X:X:X:X via reth0.1000
I did change the Public IP adresses to X:X:X:X for security reasons
i can ping the internet using the interface reth0.1000 but if i used ping alone i still cant do it.
I did read your response but for some reason the Ping is going out from a diffrent Interface
Right after you send some pings to 18.104.22.168, try the following command to see the created sessions:
> show security flow session destination-prefix 22.214.171.124 protocol icmp
On the output we will see the source IP address that is being used. Once you know it please try the following command:
> show interfaces terse | match [source_address_ being_used]
Im trying to confirm whats the IP address and interface being used for sourcing the host-outbound-traffic.