Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
All,I just have a quick question, that I think I know the answer to, but am just looking for verification. On SRX series firewalls, are static routes limited to full subnets, or can there be a range that doesn't conform to a standard subnet?Example: Currently we have 10.10.10.0/24 next-hop 10.10.9.1;Can we have something like 10.10.11.27-38 next-hop 10.10.8.1;Everything I find looks like it is limited to just a subnet.Thank you,Andrew
I believe the route statement requires a subnet mask so you could do it like:
Paul,Thanks for the quick reply. That is what I was thinking. I'm going to have to list the IP addresses one at a time with the /32. I have three groups of 10 addresses, so it will just be a little more of a list.Thank you,Andrew
I use this IP range to CIDR tool that creates a minimal list out of any ip range you give it.In your case 10.10.11.27-38 yields:10.10.11.27/3184.108.40.206/3010.10.11.32/3010.10.11.36/3220.127.116.11/32https://www.meridianoutpost.com/resources/etools/network/convert-ip-to-CIDR.php
Hi,if extra reserve addresses are allowed and/or required, you can configure as below :10.10.11.24/29 next-hop 10.10.8.110.10.11.32/29 next-hop 10.10.8.1just two entriesRegards,