SRX

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  SRX1500 Transparent Mode - VLAN1

    Posted 22 days ago
    We have been trying to deploy SRX1500 in transparent mode. We are facing issue with VLAN 1. 

    We have been using the default VLAN i.e. VLAN 1 for some significant communication and cant remove it overnight. In transparent mode, we are not able to pass the VLAN 1 traffic through the firewall. Several configurations have been tried.

    Is there any limitation as such that we cant use VLAN 1 with SXR transparent mode.

    Saif

    ------------------------------
    saifuddin miyaji
    ------------------------------


  • 2.  RE: SRX1500 Transparent Mode - VLAN1

     
    Posted 18 days ago
    My recollection is that with transparent mode all interfaces are the same vlan and tags are no longer relevant.  This just becomes a bump in the wire allowing rules within that vlan.

    Can you share the document you used to configure transparent mode.

    Then the specific traffic failure that is happening between ports.

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------



  • 3.  RE: SRX1500 Transparent Mode - VLAN1

    Posted 17 days ago
    Im following this document:
    [SRX] Example Configuration - LACP on Layer 2 transparent mode Chassis Cluster - Juniper Networks

    I believe vlan tagging is indeed necessary for proper identification of tags and headers for forwarding the frames. Other VLANs are working fine but not VLAN 1. Someone on the forum advised to use keyword "default" for naming of VLAN 1 but that didnt work either.

    Regards
    Saif

    ------------------------------
    saifuddin miyaji
    ------------------------------



  • 4.  RE: SRX1500 Transparent Mode - VLAN1

    Posted 5 days ago
    Can I ask you to share the config part regarding the vlans and the interfaces, that your vlan needs to pass?
    If you don't want to share that openly, just DM me :)

    ------------------------------
    Christian Scholz
    Juniper Networks Ambassador | JNCIE-SEC #374
    Mail: chs@ip4.de
    Blog: jncie.eu | Twitter: @chsjuniper | YT-Channel: netchron
    ------------------------------



  • 5.  RE: SRX1500 Transparent Mode - VLAN1

    Posted 5 days ago
    Might be slightly off topic but I am trying to create a vlan DATA with a tag of vlan-id 1 but fails since VLAN 1 is reserved. Wish there was a work around. 



    SRX1500# commit
    [edit vlans]
    'DATA'
    VLAN 1 is a reserved vlan. This vlan cannot be configured by user.
    [edit vlans]
    Failed to parse vlan hierarchy completely
    error: configuration check-out failed

    SRX1500# run show vlans

    Routing instance VLAN name Tag Interfaces
    default-switch VOICE 2        ge-0/0/1.0
    default-switch default 1

    ------------------------------
    JIM BACKER
    ------------------------------