Junos OS

 View Only
last person joined: yesterday 

Ask questions and share experiences about Junos OS.
  • 1.  VLAN-problem

    Posted 09-01-2022 08:44

    Hi all,

    on my SRX300 I set up a couple of vlans.

    IRB.20, ge-0/0/2, ethernet-switching, mode access, zone office
    IRB.30, ge-0/0/3, ethernet-switching, mode access, zone media
    iface ge-0/0/5, port mode trunk going to the uplink switch containing these vlans and some more ....
    rules are to permit all traffic between the zones
    If I ping from irb.20 to irb.30 no answer on the client - even not the SRX interface IP ...3.1 ,  but answer from the srx itself.
    Whats going wrong ?

    Please be patient, I am not a network engineer :-)
    regards Max


    Max Prieler

  • 2.  RE: VLAN-problem

    Posted 09-01-2022 10:22
    To troubleshoot we could start by looking at the status of the interfaces

    show interfaces terse

    Note that for irb virtual interface to come to the up/up status at least one physical interface in the same vlan has to be in the up/up status.

    If both the layer 2 and layer 3 ip interfaces are up/up

    Next phase is to confirm configurations
    make sure the vlan assignments for both layer 2 and layer 3 interfaces are correct

    confirm that security zones have the properly assigned interfaces

    confirm that the security policies are in place
    show security policies

    If policies are present as expected look for the test traffic sessions
    show security flow session

    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)

  • 3.  RE: VLAN-problem

    Posted 09-06-2022 03:29

    Problem solved.

    I had to take out policy dynamic-application any;

    This was the issue preventing acces to other vlans :-)

    Max Prieler