[j-nsp] SRX asymmetric routing on WAN side
"Rolf Hanßen"
nsp at rhanssen.de
Wed Nov 11 11:07:28 EST 2015
Hi,
I have a quite simple setup, SRX with a WAN connection and some LAN stuff.
WAN is single-homed.
I now want to add a second uplink interface and put it into the existing
WAN/untrust zone.
So the traffic may flow async (interface point of view) but sync (zone
point of view).
Will this require any other changes or break functions?
I especially think of the connection tracking because I see that flows
contain interface information (looking at "show security flow session") as
well as zones.
I found dozens of sites related to similar topics telling to set
no-syn-check / no-sequence-check but always with some special setups (like
2 WAN zones). So I am unsure if this is related to my setup at all.
If this is related to a minimum software version please let me know.
kind regards
Rolf
More information about the juniper-nsp
mailing list