Hi,
can you please point me where I'm wrong in my relay setup on SRX:
I've got external DHCP server (ping from host are OK)
forwarding-options {
dhcp-relay {
server-group {
DHCP {
10.0.1.122;
}
}
group OFFICE {
active-server-group DHCP;
interface ae0.1515;
}
}
}
And very simple policy
policies {
from-zone Internal to-zone External {
policy GoingForTheInternet {
match {
source-address net_10_0_7;
destination-address any;
application any;
}
then {
permit;
log {
session-init;
}
}
}
}
}
zones {
security-zone External {
interfaces {
ae0.936 {
host-inbound-traffic {
system-services {
ping;
dhcp;
}
}
}
}
}
security-zone Internal {
address-book {
address net_10_0_7 10.0.7.0/27;
}
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
ae0.1515 {
host-inbound-traffic {
system-services {
dhcp;
ping;
}
}
}
}
}
}
But nothing works.
Using tcpdump on 10.0.1.122 and telnet to any port works but server but UDP testing with the help of nc fails from the same host.