View Only
last person joined: 2 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Routing issue between two Juniper SRX 300's

    Posted 05-11-2023 07:33

    Hello Everyone,

    Here is my question. Currently I have two Juniper SRX 300's that have a routing device between them, which then goes through a VPN. Also, my firewall global mode is currently set to switching under protocols.

    The interface connected to the routing device uses INET and then I have an IRB interface with a private IP address which is assigned to a vlan that my other interface are assigned to.


    GE-0/0/0 unit 0 family inet address

    GE-0/0/1  unit 0 family ethernet switching interface mode access vlan members INSIDE

    irb unit 0 family inet address

    vlan INSIDE 
    vlan id 10
    l3-interface irb.0

    Both SRX's are configure very similar to what you see above, and when they are connected to either side of the VPN, I can ping the irb address, but I can't ping any device connected to ge-0/0/1 which is using the INSIDE vlan and has an ip address assigned to it within the same subnet as irb.0.

    Is the reason I can't ping because the SRX is in global mode l2-learning switching? Is there something else I can do to get this to work?


    Zones and polices have also been set to allow traffic bi-directionally between the required zones.



  • 2.  RE: Routing issue between two Juniper SRX 300's

    Posted 05-12-2023 02:55

    Hi, maybe forgot add static routes? do u have ospf in your config?

    andrii furdyha

  • 3.  RE: Routing issue between two Juniper SRX 300's
    Best Answer

    Posted 05-17-2023 13:33

    Figured out the issue was with the RED HAT boxes on either end and not the Juniper