Issues with Juniper SRX220/240 routing or policies Configuration problems affecting routing behavior

sunemoonsong
Senior Member
380
03-18-2023, 05:14 AM
#1
In short, we have several locations and need to link them using L3 connections. On the ISP side, everything is configured properly and their device is functioning correctly. We have a Juniper SRX220 and an SRX240 that can ping our network without issues. However, the Huawei router supplied by our ISP isn’t reachable at all—or almost so—since two of our servers (domain controllers) can ping it. From our network, only those two servers can reach the ISP router via the Juniper, while any other PC or server cannot. On the other side, we can reach the ISP router until the ISP router itself, but not the Juniper. The routing table on the Juniper appears correct, but the policies are preventing connections entirely. These policies define the connection settings between the two zones. We’re stuck here and need guidance on how to resolve this or any similar issues. Please feel free to share your thoughts or whether you have run into similar problems. Thanks!

ALGA0205
Junior Member
36
03-22-2023, 04:08 PM
#2
The SRX setup (cleaned) along with a basic chart would clarify sample IPs.

LeoMiner_02
Junior Member
15
03-22-2023, 04:24 PM
#3
Hey, I will attach the config below. If you need a diagram too, I can sketch one really quick, but I don't have it atm. config.txt

xXBatPotXx
Junior Member
4
03-22-2023, 09:04 PM
#4
Here’s a code example with configuration included:

```python
import socket

# Connection parameters (sample addresses)
config = {
    "source_ip": "192.168.1.10",
    "destination_ip": "10.0.0.5",
    "port": 8080,
    "protocol": "tcp",
}

# Example connection logic: open a TCP connection to the destination
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((config["destination_ip"], config["port"]))
print(f"Connected to {config['destination_ip']}:{config['port']}")
sock.close()
```

Diagram would help if you need visual guidance.