Hi Rolf,
Is the purpose of the second WAN interface backup or a different path for
some routes?
In either case routing will determine the outbound interface in the WAN
zone. It's the zone that is important for sessions not interface. The
interface is merely cached in the session for fast-path to
Hi Rolf,
The traffic in your case will be accepted by default regardless of the
interface. You don't need to do anything to permit it.
You have to permit explicitly only if the traffic is transmitted between
two interfaces even they are in the same zone.
I cannot find a link for a proof, though.
Hi,
I have a quite simple setup, SRX with a WAN connection and some LAN stuff.
WAN is single-homed.
I now want to add a second uplink interface and put it into the existing
WAN/untrust zone.
So the traffic may flow async (interface point of view) but sync (zone
point of view).
Will this require an
3 matches
Mail list logo
