Thanks keithr! as soon as I removed the lo0 from the set system services web-management https interface. I see you've got IPv6 configured on this device, are you trying to access J-Web via IPv6? I'm not sure if having IPv6 turned up would have any effect on your traffic, as I haven't set up any SRX devices with IPv6. You could also set a flow trace to see if the traffic is being dropped for some reason. When both interfaces are configured and the default route is using 192.168.201.1 and you ping 192.168.201.232 from the laptop, the packets arrive at the server with the 'left path' and come back from the server also. You could try setting a traceoptions file and see if anything is logged. In a few words, an incoming packet is allowed on an interface only if the same interface would be used to route back its reply. I assume you're trying to connect to J-Web from inside the Trust zone? I can connect to J-web using the device loopback address. Host1 (IP-address 192.168.1.100/24) connected to SRX interface ge-0/0/1 (interface address 192.168.1.1/24) Host2 (IP-address 10.10.1.100/24) connected to SRX interface ge-0/0/2 (interface address 10.10.1. I advertise my /24, and they advertise just a 0.0.0.0 back to me. To provide availablility, I have two ISP's terminating in the device and doing BGP with them. I set a few options to look more like your config for testing: Multiple IP's on the loopback interface not working 0 Recommend Erdem Posted 07-16-2014 11:27 Reply Reply Privately I have an SRX550 with version 12.1X44-D20.3. I appreciate R2 has an interface on Eth 1/2 with ip address 172.28.38.1/24, but its on a separate router and different mask. R3 cant ping itself on 172.28.38.11/16 and I cant understand why. OK, on my devices (10.2R3.10), J-web works on my loopback interface without having to specify the loopback interface in the system -> services -> web-management -> https context. Hello Community, I have a problem that I simply cant understand - although Im sure there is simple explanation. A loopback interface on a switch does not belong to any VLAN and must have an IP address in a subnet that is distinct from subnets associated with any particular VLAN.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |