Hello all. I am trying get a simple 2 device topology in EVE-NG up and running with 2 x VSRXs (evaluation version). I am new to Junos and new to EVE.
For some reason once I go into the CLI I don't see the ge interfaces (e.g. ge-0/0/1) until sometime after. Why is this? Should these not show up immediately once the devices are booted up? I have attached a pic showing the toplogy.
Eventually they do show and I am able to confirm this with show interfaces terse. I have configured IP addresses in unit 0 inet family on the relevant interfaces on both devices, but now I am unable to ping between devices. Are there any security settings I need to disable? I've included my config below. For conventince I have shown only info from one vSRX as both devices are configured the same, aside from IP addresses.
Thanks,
Bav
root> show version
Model: vSRX
Junos: 19.2R1.8
root> show chassis hardware
Hardware inventory:
Item Version Part number Serial number Description
Chassis f0def23d5270 VSRX
Midplane
System IO
Routing Engine VSRX-S
FPC 0 FPC
PIC 0 VSRX DPDK GE
Power Supply 0
root> show configuration
## Last commit: 2019-11-09 18:05:14 UTC by root
version 20190606.224121_builder.r1033375;
system {
root-authentication {
encrypted-password "$6$fmYqXH7m$.3aCwVS/i0lD/yOyha/2eLa8dARTS/D..T/MZrOn ag9qWgcpVxWiydh9ogQv.GrXp1GW2ExwHLo4tNLJ7MAGv0"; ## SECRET-DATA
}
services {
ssh;
web-management {
http {
interface fxp0.0;
}
}
}
syslog {
user * {
any emergency;
}
file messages {
any any;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
license {
autoupdate {
url https://ae1.juniper.net/junos/key_retrieval;
}
}
}
security {
forwarding-options {
family {
inet6 {
mode packet-based;
}
mpls {
mode packet-based;
}
iso {
mode packet-based;
}
}
}
screen {
ids-option untrust-screen {
icmp {
ping-death;
}
ip {
source-route-option;
tear-drop;
}
tcp {
syn-flood {
alarm-threshold 1024;
attack-threshold 200;
source-threshold 1024;
destination-threshold 2048;
queue-size 2000; ## Warning: 'queue-size' is deprecated
timeout 20;
}
land;
}
}
}
inactive: policies {
from-zone trust to-zone trust {
policy default-permit {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
from-zone trust to-zone untrust {
policy default-permit {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
}
zones {
security-zone trust {
tcp-rst;
}
security-zone untrust {
screen untrust-screen;
}
}
}
interfaces {
ge-0/0/2 {
unit 0 {
family inet {
address 192.168.1.3/24;
}
}
}
fxp0 {
unit 0;
}
}
root>