All, I have an SRX100B on Junos 12.1X46-D40.2. It's configured as a remote end of a site-to-site VPN. The site-to-site VPN works fine as verified by show security ike security-associations.
I'm having trouble with a layer 3 VLAN interface in a separate routing instance from the normal one. The interface is named vlan.224. "show vlans" shows no physical interfaces in VLAN 224 even though fe-0/0/0.0 is a configured member of the VLAN. The layer 3 interface won't advertise its presence to the rest of the network through OSPF because the logical interface is down because there aren't any interfaces assigned to the VLAN. Even though there are interfaces assigned to the VLAN why does it think there are no interfaces assigned to the VLAN? I already have a ticket with TAC and reached out to my SE but wondered if the community has any insights or suggestions. I have a hunch that this is happening because the sort of thing I'm trying is not allowed. Thank you for your time. Here is a brief config snippet illustrating how interfaces and VLANs should be set up and the output of "show interfaces vlan terse" and "show vlans": interfaces { fe-0/0/0 { unit 0 { family ethernet-switching { port-mode access; vlan { members vlan0224; } } } } vlan { unit 224 { family inet { address priv-network/22; } } } } vlans { vlan0224 { vlan-id 224; interface { fe-0/0/0.0; } l3-interface vlan.224; } } mlfreita@srx> show interfaces vlan terse Interface Admin Link Proto Local Remote vlan up up vlan.224 up down inet priv-network/22 mlfreita@srx> show vlans Name Tag Interfaces default 1 None vlan0224 224 None Matt Freitag Network Engineer I Information Technology Michigan Technological University (906) 487-3696 <%28906%29%20487-3696> https://www.mtu.edu/ https://www.it.mtu.edu/ _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp