Hello,
I want layer 2 traffic tagged with a 802.1q tag 100 to pass through the SRX transparently towards the device that has its layer 3 gateway IP address configured, is this possible? I am aware I can create an IRB interface and put ports into vlans, however the gateway is not built on the SRX so I do not want to use an IRB interface. Diagram below shows what I am trying to acheieve, vlan 100 is configured on the switch and SRX, then the router WAN-1 has a layer 3 sub interface with vlan 100 encapsulation where the gateway is built.
MAC addresses are showing on port 8, but nothing on port 5, when I intiate a ping from the VPC "VLAN".
SRX Config:
set version 21.1R3.11
set groups node0 system host-name SRX0_N0
set groups node0 system services ssh max-sessions-per-connection 64
set groups node0 system syslog file default-log-messages any info
set groups node0 system syslog file default-log-messages structured-data
set groups node1 system host-name SRX0_N1
set groups node1 system services ssh max-sessions-per-connection 64
set groups node1 system syslog file default-log-messages any info
set groups node1 system syslog file default-log-messages structured-data
set apply-groups "${node}"
set system root-authentication encrypted-password "$6$iVIc6YFM$dMZhQh4dwPhHfRfOSfuQrWd/xrKlBmGaMMSZW.X7HE1i3D9geUpjgOnBms4dQjnD9Vyc2NeVirjk1QxMxd4kZ0"
set security policies default-policy permit-all
set security zones security-zone INTERNET interfaces ge-0/0/3.0 host-inbound-traffic system-services all
set security zones security-zone LAN interfaces ge-0/0/7.0 host-inbound-traffic system-services all
set security zones security-zone LAN interfaces ge-0/0/4.0 host-inbound-traffic system-services all
set interfaces ge-0/0/3 unit 0 family inet address 192.168.1.1/30
set interfaces ge-0/0/4 unit 0 family ethernet-switching interface-mode trunk
set interfaces ge-0/0/4 unit 0 family ethernet-switching vlan members vlan-100
set interfaces ge-0/0/7 unit 0 family ethernet-switching interface-mode trunk
set interfaces ge-0/0/7 unit 0 family ethernet-switching vlan members vlan-100
set vlans vlan-100 vlan-id 100