I tried to switch L2 to L3 and reboot like:
set protocols l2-learning global-mode switching
then tried a commit check and found:
[edit security zones security-zone BT interfaces]
'ge-0/0/0.0'
Referenced interface must not be ethernet-switching interface of switching mode
[edit security zones security-zone PA interfaces]
'ge-0/0/1.0'
Referenced interface must not be ethernet-switching interface of switching mode
[edit interfaces ge-0/0/0 unit 0 family]
'ethernet-switching'
In switching mode, ethernet-switching interface must not be in security zone.
[edit interfaces ge-0/0/1 unit 0 family]
'ethernet-switching'
In switching mode, ethernet-switching interface must not be in security zone.
error: configuration check-out failed: (statements constraint check failed)So I thought I need to assign an IP to ge-0/0/0.0 like:
set interfaces ge-0/0/0 unit 0 family inet address 1.2.3.4/24
and I tried to switch:
set interfaces ge-0/0/0 unit 0 family ethernet-switching interface-mode access
and put it in a security zone like:
set security zones security-zone untrust set security zones security-zone untrust interfaces ge-0/0/0
But then I get the same error about not being in a security zone and also ethernet-switching
[edit security zones security-zone untrust interfaces]
'ge-0/0/0.0'
Referenced interface must not be ethernet-switching interface of switching mode
[edit interfaces ge-0/0/0 unit 0 family]
'ethernet-switching'
In switching mode, ethernet-switching interface must not be in security zone.What am I doing wrong? I'm new to JunOS, I'm used to the old SSG boxes, so trying to learn. I've read a bunch of docs and can't get it. I want to put ge-0/0/0 in untrust public static 1.2.3.4/24 and ge-0/0/1 in trust1 5.6.7.8/24 and CGNAT between the two zones.