Hi Bikash,
I addition to everything, you also have to keep in mind that SRX is a
stateful device and performs a reverse route lookup when establishing a new
session. Unfortunately you can't enable something like "use the iface and
mac address from where the packet came" for traffic in backward dir
I'm not sure that this is the only issue, but something I just spotted
under pbr_fe-0/0/6_adsl:
route 0.0.0.0/24
I would have thought that if it didnt match a route that instance, it
would have been dropped. If that is the case, then something else is
going wrong beforehand and the traffic isn't h
originated from
10.139.1.167/32.
Regards,
Bikash
From: Joe Goldberg [mailto:joe.goldb...@falconstor.com]
Sent: बिहीवार, सेप्टेम्बर 30, 2010 7:55 PM
To: Bikash Bhattarai
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Policy based routing on SRX 210
I'm not exactly sure
I'm not exactly sure what you are trying to get this config to do, but at
the very least you need to apply the firewall rule for the PBR to the
relevant interface,
set interface x unit 0 family inet filter input trust-adsl
Joe
On Thu, Sep 30, 2010 at 5:32 AM, Bikash Bhattarai wrote:
> Dear al
This config is doing exactly what you configured it to do. That's how
computers work. Did you want it to do something else? If so, you might
want to tell us what you think it should be doing that it isn't.
On Thu, 30 Sep 2010, Bikash Bhattarai wrote:
Dear all,
My PBR configuration is be
Dear all,
My PBR configuration is below. I have configured everything as suggested in
juniper's documentation. But it's not working as desired. Please help me out
to sort out the issue.
ge-0/0/0 {
unit 0 {
description HO-LAN;
family inet {
6 matches
Mail list logo
