[j-nsp] Config help with an SRX110 & ADSL

Stefan Fouant sfouant at shortestpathfirst.net
Tue Aug 28 09:18:34 EDT 2012


Oops, I meant to say that you should replace fe-0/0/0.0 with the at-1/0/0.0 interface under the propagate settings, since at-1/0/0.0 is the one receiving the DHCP parameters from upstream.

Stefan Fouant
JNCIE-SEC, JNCIE-SP, JNCIE-ENT, JNCI
Technical Trainer, Juniper Networks

Follow us on Twitter @JuniperEducate

Sent from my iPad

On Aug 28, 2012, at 9:12 AM, Stefan Fouant <sfouant at shortestpathfirst.net> wrote:

> Also, your DHCP propagate setting is referencing fe-0/0/0.0 whereas is should be referencing vlan.0, vlan.1 and vlan.2. Per the docs, the propagate option applies to the logical interface which will receive TCP/IP settings from the external network for propagation to the DHCP pool running on the device.  Currently, fe-0/0/0.0 isn't a routing interface and it isn't part of any assigned zone.
> 
> HTHs.
> 
> Stefan Fouant
> JNCIE-SEC, JNCIE-SP, JNCIE-ENT, JNCI
> Technical Trainer, Juniper Networks
> 
> Follow us on Twitter @JuniperEducate
> 
> Sent from my iPad
> 
> On Aug 28, 2012, at 7:41 AM, Dale Shaw <dale.shaw+j-nsp at gmail.com> wrote:
> 
>> [Apologies for top post]
>> 
>> There are a few problems with the config (once you get basic comms up
>> you'll need to look at your IPsec settings) but I suspect the main problem
>> is that interface at-1/0/0.0 isn't assigned to a security zone (untrust).
>> 
>> Cheers,
>> Dale
>> 
>> On Aug 28, 2012 8:10 PM, "Josh Farrelly" <josh at base-2.co.nz> wrote:
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp



More information about the juniper-nsp mailing list