This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.

SRX320 -- Shaking out issues after moving the node to a new location

  • 1.  SRX320 -- Shaking out issues after moving the node to a new location

    Posted 07-21-2021 14:30
      |   view attached

    Good Morning Everyone! 

    First, I'm not entirely sure if this is necessarily the right spot; please forgive me if it is not and (hopefully) point me onwards to the right place. 

    I've got an SRX320 and it's ran quite well for the past few months as part of a home-lab environment. It actually functions as my home router and is connected to a Spectrum modem. It is worth noting that I do have the IPSec VPN licensing and a wireless MPIM installed. At the previous place, most everything was working save for DNS on VPN and IPv6 on iOS devices. Now that I've moved about ten minutes south, I am struggling to get things back up into play. IPv4 traffic passes fine for now with no filtering, and IPv6 traffic passes only on my MacBook Pro when I configure a static IPv6 address. 

    Ideally, these things are what I'm trying to accomplish, and I did them at some point while studying off for my JNCIAs -- just now drawing blanks. If anyone could please assist me with these, I'd be really grateful for the learning opportunity:   

    -Have automatic IPv6 addressing distributed across the local network automatically (including mobile devices that use the local wireless network
    -Be able to set up a separate subnet for VPN and have it communicate locally. 
    -Configure the SRX to accept web filtering (I plan on buying the CS-Bundle license  in the next few weeks) 
    -Set up needed certificates for SSL filtering and non-self-signed Web and VPN access. 

    In addition, I have a Nighthawk range extender, but when I plug that in and configure it against the SRX's configured WLAN, I lose all IPv4 connectivity back to the Juniper and can only use manual IPv6 addressing. 

    Finally, I have attached a txt copy of my current config (sanitized for personal information). Admittedly, it's a bit of a mess but it's what's running right now and is really only just the minimal changes from previously. 

    Jon Rzeznik
    MSIT - Thesis Track '23
    University of Cincinnati


    wineries-sanitized.txt   42 KB 1 version