[j-nsp] Basic VLAN setup on a J2320
Chris Kawchuk
juniperdude at gmail.com
Thu Apr 8 11:37:18 EDT 2010
1. Check your security zone to ensure you're allowing ping on both devices, and that the vlan.xxx interfaces are part of the zone:
i.e.:
security {
zones {
security-zone trust {
interfaces {
vlan.99 {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
}
vlan.10 {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
}
2. Also check your policies on the trust zone (just to ensure its there);
policies {
from-zone trust to-zone trust {
policy allow-all {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
On 2010-04-08, at 9:26 AM, Morten Isaksen wrote:
> I forgot the members [ ... ] part and that caused the vlan to be down.
> But after I added the members line the vlan was up but I was not able
> to ping bettween the two J2320, so same result.
More information about the juniper-nsp
mailing list