SRX

I have an SRX300 that will be used as Customer end of Ethernet link.

So, I need to be able to configure the WAN port to accept 2 VLANs.... one VLAN will be for the customer and one VLAN will be for the Management of the device.

I have tried configuring the irb for the VLAN-ID and it commits successfully. Now, where I am slightly stuck is how to get two VLANs on the interface and is there anything that needs to configuring globally to enable this?

Config so far:

set vlans v10 vlan-id 10

set vlans v10 l3-interface irb.10

set vlans management vlan-id 999

set vlans management l3-interface irb.999

set interface ge-0/0/5 unit 0 family ethernet-switching interface-mode trunk

set interface ge-0/0/5 unit 0 family ethernet-switching vlan members v10

set interface ge-0/0/5 unit 0 family ethernet-switching vlan members management

Now, where does the irb fit into all of this and, I believe, there is some form of global config required?

Thanks

Update:

Okay, I have configured the following too:

Set interface irb unit 10 family inet address x.x.x.x

set interface irb unit 999 family inet address x.x.x.x

I presume I have to assign these to zones and then route between the zones?

I have now also assigned to trust zone as follows:

set security zones security-zone trust interfaces irb.999
set security zones security-zone trust interfaces irb.10

Is this all that is required to get at least basic connectivity to the device?

For ongoing I can get the security zones configured and routing between them.

I guess I will find out in a few minutes 🙂

All working