malik.atif.saleem at gmail
Aug 28, 2012, 8:22 PM
Post #6 of 6
It would be nice to share the configuration stanza after the fix or
doing the correction from Josh.
On Wed, Aug 29, 2012 at 2:06 AM, Josh Farrelly <josh [at] base-2> wrote:
> Thanks Dale/Stefan, that's fixed it. Much appreciated.
> Josh Farrelly
> Senior Project Engineer
> P +64 9 630 4095
> M +64 21 919 885
> E josh [at] base-2
> PO Box 24666, Royal Oak, Auckland 1345.
> 126 Valley Rd, Mt Eden, Auckland 1024.
> -----Original Message-----
> From: Stefan Fouant [mailto:sfouant [at] shortestpathfirst]
> Sent: Wednesday, 29 August 2012 01:13
> To: Dale Shaw
> Cc: Josh Farrelly; juniper-nsp [at] puck
> Subject: Re: [j-nsp] Config help with an SRX110 & ADSL
> Also, your DHCP propagate setting is referencing fe-0/0/0.0 whereas is should be referencing vlan.0, vlan.1 and vlan.2. Per the docs, the propagate option applies to the logical interface which will receive TCP/IP settings from the external network for propagation to the DHCP pool running on the device. Currently, fe-0/0/0.0 isn't a routing interface and it isn't part of any assigned zone.
> Stefan Fouant
> JNCIE-SEC, JNCIE-SP, JNCIE-ENT, JNCI
> Technical Trainer, Juniper Networks
> Follow us on Twitter @JuniperEducate
> Sent from my iPad
> On Aug 28, 2012, at 7:41 AM, Dale Shaw <dale.shaw+j-nsp [at] gmail> wrote:
>> [Apologies for top post]
>> There are a few problems with the config (once you get basic comms up
>> you'll need to look at your IPsec settings) but I suspect the main
>> problem is that interface at-1/0/0.0 isn't assigned to a security zone (untrust).
>> On Aug 28, 2012 8:10 PM, "Josh Farrelly" <josh [at] base-2> wrote:
>> juniper-nsp mailing list juniper-nsp [at] puck
> juniper-nsp mailing list juniper-nsp [at] puck
juniper-nsp mailing list juniper-nsp [at] puck