Hi,
Sorry for disturbing you guys again with what may be an easily resolved issue.... I have checked everything I can with regards to this issue and am now at a loss (with no ability to wireshark):
As I am using separate VRs and Tunnels, it may be better to simply post the whole config minus the secitons that are not really relevant:
set system services ftp
set system services ssh root-login deny
set system services ssh connection-limit 3
set system services web-management http
set system services web-management https system-generated-certificate
set system services web-management https interface fxp0.0
set system syslog file interactive-commands interactive-commands any
set system max-configurations-on-flash 5
set chassis aggregated-devices ethernet device-count 2
set security log mode stream
set security log report
set security address-book global address hexradiusbtb 195.80.10.73/32
set security address-book global address thwradiusbtb 195.80.10.69/32
set security address-book global address thw-lns-01 195.80.10.13/32
set security address-book global address thw-radius-01 195.80.10.38/32
set security address-book global address monitor-server 192.168.50.201/32
set security address-book global address monitor-server-nic2 195.80.10.9/32
set security address-book global address hex-radius-02 195.80.10.54/32
set security address-book global address thw-dns-server 195.80.10.85/32
set security address-book global address thw-dns-anycast1 195.80.10.81/32
set security address-book global address thw-dns-anycast2 195.80.10.82/32
set security address-book global address netopstest2-network 192.168.50.0/24
set security address-book global address-set Cust-to-dmz-bidirectional address thw-lns-01
set security address-book global address-set Cust-to-dmz-bidirectional address thw-radius-01
set security address-book global address-set Cust-to-dmz-bidirectional address monitor-server
set security address-book global address-set Cust-to-dmz-bidirectional address monitor-server-nic2
set security address-book global address-set Cust-to-dmz-bidirectional address netopstest2-network
set security forwarding-options family inet6 mode flow-based
set security forwarding-options family iso mode packet-based
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve match source-address Cust-to-dmz-bidirectional
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve match destination-address Cust-to-dmz-bidirectional
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve match application junos-ntp
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve match application junos-pingv6
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve match application junos-ping
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve match application junos-dns-tcp
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve match application junos-dns-udp
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve match application RADIUS
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve match application junos-ssh
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve match application junos-http
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve match application junos-https
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve then permit
set security policies from-zone Customer-Network to-zone ninegroup-radius policy Steve then log session-init
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 match source-address Cust-to-dmz-bidirectional
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 match destination-address Cust-to-dmz-bidirectional
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 match application junos-ntp
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 match application junos-pingv6
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 match application junos-ping
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 match application junos-dns-tcp
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 match application junos-dns-udp
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 match application RADIUS
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 match application junos-ssh
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 match application junos-http
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 match application junos-https
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 then permit
set security policies from-zone ninegroup-radius to-zone Customer-Network policy Steve1 then log session-init
set security policies from-zone Customer-Network to-zone Customer-Network policy Steve match source-address any
set security policies from-zone Customer-Network to-zone Customer-Network policy Steve match destination-address any
set security policies from-zone Customer-Network to-zone Customer-Network policy Steve match application any
set security policies from-zone Customer-Network to-zone Customer-Network policy Steve then permit
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 match source-address Cust-to-dmz-bidirectional
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 match destination-address Cust-to-dmz-bidirectional
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 match application junos-ntp
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 match application junos-pingv6
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 match application junos-ping
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 match application junos-dns-tcp
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 match application junos-dns-udp
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 match application RADIUS
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 match application junos-ssh
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 match application junos-http
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 match application junos-https
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 then permit
set security policies from-zone ninegroup-radius to-zone ninegroup-radius policy Steve1 then log session-init
set security policies from-zone Customer-Network to-zone NineGroup-BTB policy radiusbtb match source-address hexradiusbtb
set security policies from-zone Customer-Network to-zone NineGroup-BTB policy radiusbtb match destination-address thwradiusbtb
set security policies from-zone Customer-Network to-zone NineGroup-BTB policy radiusbtb match application junos-icmp-all
set security policies from-zone Customer-Network to-zone NineGroup-BTB policy radiusbtb then permit
set security policies from-zone NineGroup-BTB to-zone Customer-Network policy radiusbtb1 match source-address thwradiusbtb
set security policies from-zone NineGroup-BTB to-zone Customer-Network policy radiusbtb1 match destination-address hexradiusbtb
set security policies from-zone NineGroup-BTB to-zone Customer-Network policy radiusbtb1 match application junos-icmp-all
set security policies from-zone NineGroup-BTB to-zone Customer-Network policy radiusbtb1 then permit
set security policies from-zone NineGroup-BTB to-zone NineGroup-BTB policy radiusbtb1 match source-address any
set security policies from-zone NineGroup-BTB to-zone NineGroup-BTB policy radiusbtb1 match destination-address any
set security policies from-zone NineGroup-BTB to-zone NineGroup-BTB policy radiusbtb1 match application any
set security policies from-zone NineGroup-BTB to-zone NineGroup-BTB policy radiusbtb1 then permit
set security policies from-zone Customer-Network to-zone netopstest2 policy netopstest match source-address any
set security policies from-zone Customer-Network to-zone netopstest2 policy netopstest match destination-address any
set security policies from-zone Customer-Network to-zone netopstest2 policy netopstest match application any
set security policies from-zone Customer-Network to-zone netopstest2 policy netopstest then permit
set security policies from-zone netopstest2 to-zone netopstest2 policy netopstest_1 match source-address any
set security policies from-zone netopstest2 to-zone netopstest2 policy netopstest_1 match destination-address any
set security policies from-zone netopstest2 to-zone netopstest2 policy netopstest_1 match application any
set security policies from-zone netopstest2 to-zone netopstest2 policy netopstest_1 then permit
set security policies from-zone netopstest2 to-zone Customer-Network policy netopstest_1 match source-address any
set security policies from-zone netopstest2 to-zone Customer-Network policy netopstest_1 match destination-address any
set security policies from-zone netopstest2 to-zone Customer-Network policy netopstest_1 match application any
set security policies from-zone netopstest2 to-zone Customer-Network policy netopstest_1 then permit
set security policies from-zone ninegroup-dns to-zone Customer-Network policy thw-ninegroupdns match source-address any
set security policies from-zone ninegroup-dns to-zone Customer-Network policy thw-ninegroupdns match destination-address any
set security policies from-zone ninegroup-dns to-zone Customer-Network policy thw-ninegroupdns match application any
set security policies from-zone ninegroup-dns to-zone Customer-Network policy thw-ninegroupdns then permit
set security policies from-zone Customer-Network to-zone ninegroup-dns policy thw-ninegroupdns-1 match source-address any
set security policies from-zone Customer-Network to-zone ninegroup-dns policy thw-ninegroupdns-1 match destination-address any
set security policies from-zone Customer-Network to-zone ninegroup-dns policy thw-ninegroupdns-1 match application any
set security policies from-zone Customer-Network to-zone ninegroup-dns policy thw-ninegroupdns-1 then permit
set security policies from-zone ninegroup-dns to-zone ninegroup-dns policy thw-ninegroupdns match source-address any
set security policies from-zone ninegroup-dns to-zone ninegroup-dns policy thw-ninegroupdns match destination-address any
set security policies from-zone ninegroup-dns to-zone ninegroup-dns policy thw-ninegroupdns match application any
set security policies from-zone ninegroup-dns to-zone ninegroup-dns policy thw-ninegroupdns then permit
set security zones security-zone ninegroup-radius host-inbound-traffic system-services all
set security zones security-zone ninegroup-radius host-inbound-traffic protocols all
set security zones security-zone ninegroup-radius interfaces ge-0/0/2.0
set security zones security-zone ninegroup-radius interfaces lt-0/0/0.1
set security zones security-zone ninegroup-radius interfaces lt-0/0/0.8
set security zones security-zone Customer-Network host-inbound-traffic system-services all
set security zones security-zone Customer-Network host-inbound-traffic protocols all
set security zones security-zone Customer-Network interfaces lt-0/0/0.2
set security zones security-zone Customer-Network interfaces ae2.0
set security zones security-zone Customer-Network interfaces lt-0/0/0.4
set security zones security-zone Customer-Network interfaces lt-0/0/0.6
set security zones security-zone Customer-Network interfaces lt-0/0/0.10
set security zones security-zone NineGroup-BTB host-inbound-traffic system-services all
set security zones security-zone NineGroup-BTB host-inbound-traffic protocols all
set security zones security-zone NineGroup-BTB interfaces lt-0/0/0.3
set security zones security-zone NineGroup-BTB interfaces ge-0/0/4.0
set security zones security-zone ninegroup-dns host-inbound-traffic system-services all
set security zones security-zone ninegroup-dns host-inbound-traffic protocols all
set security zones security-zone ninegroup-dns interfaces lt-0/0/0.5
set security zones security-zone ninegroup-dns interfaces lt-0/0/0.7
set security zones security-zone ninegroup-dns interfaces ge-0/0/6.0
set security zones security-zone netopstest2 host-inbound-traffic system-services all
set security zones security-zone netopstest2 host-inbound-traffic protocols all
set security zones security-zone netopstest2 interfaces ge-0/0/8.0
set security zones security-zone netopstest2 interfaces lt-0/0/0.9
set interfaces ge-0/0/0 unit 0 family inet dhcp-client update-server
set interfaces lt-0/0/0 unit 1 encapsulation ethernet
set interfaces lt-0/0/0 unit 1 peer-unit 2
set interfaces lt-0/0/0 unit 1 family inet address 20.20.20.1/30
set interfaces lt-0/0/0 unit 1 family iso
set interfaces lt-0/0/0 unit 2 encapsulation ethernet
set interfaces lt-0/0/0 unit 2 peer-unit 1
set interfaces lt-0/0/0 unit 2 family inet address 20.20.20.2/30
set interfaces lt-0/0/0 unit 2 family iso
set interfaces lt-0/0/0 unit 3 encapsulation ethernet
set interfaces lt-0/0/0 unit 3 peer-unit 4
set interfaces lt-0/0/0 unit 3 family inet address 30.30.30.1/30
set interfaces lt-0/0/0 unit 3 family iso
set interfaces lt-0/0/0 unit 4 encapsulation ethernet
set interfaces lt-0/0/0 unit 4 peer-unit 3
set interfaces lt-0/0/0 unit 4 family inet address 30.30.30.2/30
set interfaces lt-0/0/0 unit 4 family iso
set interfaces lt-0/0/0 unit 5 description to-customer-vr
set interfaces lt-0/0/0 unit 5 encapsulation ethernet
set interfaces lt-0/0/0 unit 5 peer-unit 6
set interfaces lt-0/0/0 unit 5 family inet address 40.40.40.1/30
set interfaces lt-0/0/0 unit 5 family iso
set interfaces lt-0/0/0 unit 6 description to-ninegroup-dns
set interfaces lt-0/0/0 unit 6 encapsulation ethernet
set interfaces lt-0/0/0 unit 6 peer-unit 5
set interfaces lt-0/0/0 unit 6 family inet address 40.40.40.2/30
set interfaces lt-0/0/0 unit 6 family iso
set interfaces lt-0/0/0 unit 7 description to-ninegroup-radius
set interfaces lt-0/0/0 unit 7 encapsulation ethernet
set interfaces lt-0/0/0 unit 7 peer-unit 8
set interfaces lt-0/0/0 unit 7 family inet address 60.60.60.1/30
set interfaces lt-0/0/0 unit 7 family iso
set interfaces lt-0/0/0 unit 8 description to-ninegroup-dns
set interfaces lt-0/0/0 unit 8 encapsulation ethernet
set interfaces lt-0/0/0 unit 8 peer-unit 7
set interfaces lt-0/0/0 unit 8 family inet address 60.60.60.2/30
set interfaces lt-0/0/0 unit 8 family iso
set interfaces lt-0/0/0 unit 9 description to-customer-vr
set interfaces lt-0/0/0 unit 9 encapsulation ethernet
set interfaces lt-0/0/0 unit 9 peer-unit 10
set interfaces lt-0/0/0 unit 9 family inet address 65.65.65.1/30
set interfaces lt-0/0/0 unit 9 family iso
set interfaces lt-0/0/0 unit 10 description to-netopstest-network
set interfaces lt-0/0/0 unit 10 encapsulation ethernet
set interfaces lt-0/0/0 unit 10 peer-unit 9
set interfaces lt-0/0/0 unit 10 family inet address 65.65.65.2/30
set interfaces lt-0/0/0 unit 10 family iso
set interfaces ge-0/0/2 unit 0 description To-RADIUS-Server
set interfaces ge-0/0/2 unit 0 family inet address 195.80.0.37/30
set interfaces ge-0/0/2 unit 0 family iso
set interfaces ge-0/0/2 unit 0 family inet6 address xxxx
set interfaces ge-0/0/3 unit 0 family inet
set interfaces ge-0/0/4 unit 0 description To-RADIUSBTB-Server
set interfaces ge-0/0/4 unit 0 family inet address 195.80.10.70/30
set interfaces ge-0/0/4 unit 0 family iso
set interfaces ge-0/0/4 unit 0 family inet6 address xxxx
set interfaces ge-0/0/6 unit 0 description To-DNS-Server
set interfaces ge-0/0/6 unit 0 family inet address 195.80.10.86/30
set interfaces ge-0/0/6 unit 0 family iso
set interfaces ge-0/0/6 unit 0 family inet6 address xxxx
set interfaces ge-0/0/8 unit 0 description to-netopstest2-network
set interfaces ge-0/0/8 unit 0 family inet address 192.168.50.210/24
set interfaces ge-0/0/8 unit 0 family iso
set interfaces xe-0/0/16 description Group-ae2
set interfaces xe-0/0/16 gigether-options 802.3ad ae2
set interfaces xe-0/0/17 unit 0 family inet
set interfaces xe-0/0/18 description Group-ae2
set interfaces xe-0/0/18 gigether-options 802.3ad ae2
set interfaces ae2 unit 0 description TO-THW-CORE-01-ae2
set interfaces ae2 unit 0 family inet address 195.80.10.18/30
set interfaces ae2 unit 0 family iso
set interfaces ae2 unit 0 family inet6 address xxxx
set interfaces fxp0 unit 0 family inet address 185.89.120.8/24
set interfaces lo0 unit 0 family inet address 195.80.10.3/32
set interfaces lo0 unit 0 family iso address 49.0001.1950.0080.0014.00
set interfaces lo0 unit 0 family inet6 address xxxx
set interfaces lo0 unit 10 family iso address 49.0001.1950.0080.0114.00
set interfaces lo0 unit 20 family iso address 49.0001.1950.0080.0224.00
set interfaces lo0 unit 30 family iso address 49.0001.1950.0080.0334.00
set interfaces lo0 unit 40 family iso address 49.0001.1950.0080.0444.00
set interfaces lo0 unit 50 family iso address 49.0001.1950.0080.0554.00
set snmp v3 usm local-engine user test authentication-md5 authentication-key "$9$Q9A.3CtRhSKvLREyKMWx7VwYg4Zkqfzn/wYFnCA0O7-dw4aJGDjk.JZ69tpB1VwsgGDq.5T36.mEcrlLXHq.5n/AtOIRSCABEyr8LDiHq5Q6/tRcy.P39pu1Idbw2gJHqmzF/go369CB1X7NdYgGUHPfz-V5QF6At7-dwYoji.Q36kqQn/Cu08Xx-ds"
set snmp v3 usm local-engine user test privacy-aes128 privacy-key "$9$EbNSKM-Vw4oG-ds4aJDjqmfTQnpu1hylmfcyKvLXjHkmQF369Cp03nreMWx7qmPT69u0IRSr0OdbY2GUtu0IylvMXN-wKvxdsYZG9AtuIErlM-bs0BSeW87Nk.m5T3tuOhclTzSreKx7UjikfT6/tB1hHqIEcrvMjHkmfzCA0ESrpuEylK8LZUDHkP"
set snmp v3 vacm security-to-group security-model usm security-name test group snmpgroup
set snmp v3 vacm access group snmpgroup default-context-prefix security-model usm security-level authentication read-view allmibs
set snmp engine-id use-default-ip-address
set snmp view allmibs oid .1.3.6.1 include
set snmp view allmibs oid .1 include
set routing-options static route 195.80.10.69/32 next-hop 195.80.0.70
set routing-options static route 195.80.10.9/32 next-hop 195.80.0.10
set routing-options static route 192.168.50.0/24 next-hop 192.168.50.210
set routing-options static route 195.80.10.38/32 next-hop 195.80.0.37
set routing-options static route 195.80.10.85/32 next-hop 195.80.0.86
set protocols isis level 1 authentication-key "$9$xNR7wgGUHm5FikF/A0hcM8X7bsgoJDHq"
set protocols isis level 1 authentication-type md5
set protocols isis level 2 authentication-key "$9$ynUrWxbwgJUH24Hm5FAtRhSrM8xNdsgo"
set protocols isis level 2 authentication-type md5
set protocols isis interface lo0.0
set policy-options policy-statement From_Customer_To_Nine from instance Customer-VR
set policy-options policy-statement From_Customer_To_Nine from protocol direct
set policy-options policy-statement From_Customer_To_Nine then accept
set policy-options policy-statement From_Nine_To_Customer from instance ninegroup-radius
set policy-options policy-statement From_Nine_To_Customer from protocol direct
set policy-options policy-statement From_Nine_To_Customer then accept
set policy-options policy-statement export_statics term 1 from protocol static
set policy-options policy-statement export_statics term 1 then accept
set policy-options policy-statement from_hexradius_to_thwradius from instance Customer-VR
set policy-options policy-statement from_hexradius_to_thwradius from protocol direct
set policy-options policy-statement from_hexradius_to_thwradius then accept
set policy-options policy-statement from_thwradius_to_hexradius from instance NineGroupBTB-VR
set policy-options policy-statement from_thwradius_to_hexradius from protocol direct
set policy-options policy-statement from_thwradius_to_hexradius then accept
set access address-assignment pool junosDHCPPool family inet network 192.168.2.0/24
set access address-assignment pool junosDHCPPool family inet range junosRange low 192.168.2.2
set access address-assignment pool junosDHCPPool family inet range junosRange high 192.168.2.254
set access address-assignment pool junosDHCPPool family inet dhcp-attributes router 192.168.2.1
set access address-assignment pool junosDHCPPool family inet dhcp-attributes propagate-settings ge-0/0/0.0
set routing-instances Customer-VR instance-type virtual-router
set routing-instances Customer-VR interface lt-0/0/0.2
set routing-instances Customer-VR interface lt-0/0/0.4
set routing-instances Customer-VR interface lt-0/0/0.6
set routing-instances Customer-VR interface lt-0/0/0.10
set routing-instances Customer-VR interface ae2.0
set routing-instances Customer-VR interface lo0.10
set routing-instances Customer-VR protocols isis level 1 authentication-key "$9$3M.wntOhclMLNreNbYoji5QFnApO1RSlK"
set routing-instances Customer-VR protocols isis level 1 authentication-type md5
set routing-instances Customer-VR protocols isis level 2 authentication-key "$9$jgiPQ/9pBRStuSeMXbwJGDimfQFnCp0"
set routing-instances Customer-VR protocols isis level 2 authentication-type md5
set routing-instances Customer-VR protocols isis interface lt-0/0/0.2
set routing-instances Customer-VR protocols isis interface lt-0/0/0.4
set routing-instances Customer-VR protocols isis interface lt-0/0/0.6
set routing-instances Customer-VR protocols isis interface lt-0/0/0.10
set routing-instances Customer-VR protocols isis interface ae2.0
set routing-instances Customer-VR protocols isis interface lo0.10
set routing-instances NineGroupBTB-VR instance-type virtual-router
set routing-instances NineGroupBTB-VR interface lt-0/0/0.3
set routing-instances NineGroupBTB-VR interface ge-0/0/4.0
set routing-instances NineGroupBTB-VR interface lo0.30
set routing-instances NineGroupBTB-VR protocols isis level 1 authentication-key "$9$g74UHf5F/A0z30Ihr8Lbs24GDHqmTFn"
set routing-instances NineGroupBTB-VR protocols isis level 1 authentication-type md5
set routing-instances NineGroupBTB-VR protocols isis level 2 authentication-key "$9$Wn78-woaUH.5GD5F6A1IlKM8NdwYgJUj"
set routing-instances NineGroupBTB-VR protocols isis level 2 authentication-type md5
set routing-instances NineGroupBTB-VR protocols isis interface lt-0/0/0.3
set routing-instances NineGroupBTB-VR protocols isis interface ge-0/0/4.0
set routing-instances NineGroupBTB-VR protocols isis interface lo0.30
set routing-instances netopstest2 instance-type virtual-router
set routing-instances netopstest2 interface lt-0/0/0.9
set routing-instances netopstest2 interface ge-0/0/8.0
set routing-instances netopstest2 interface lo0.50
set routing-instances netopstest2 protocols isis export export_statics
set routing-instances netopstest2 protocols isis level 1 authentication-key "$9$KZDvxd2gJDHmaZmTF/0OSrevX7dbs4JG"
set routing-instances netopstest2 protocols isis level 1 authentication-type md5
set routing-instances netopstest2 protocols isis level 2 authentication-key "$9$g54UHf5F/A0z30Ihr8Lbs24GDHqmTFn"
set routing-instances netopstest2 protocols isis level 2 authentication-type md5
set routing-instances netopstest2 protocols isis interface lt-0/0/0.9
set routing-instances netopstest2 protocols isis interface ge-0/0/8.0
set routing-instances netopstest2 protocols isis interface lo0.50
set routing-instances ninegroup-dns instance-type virtual-router
set routing-instances ninegroup-dns interface lt-0/0/0.5
set routing-instances ninegroup-dns interface lt-0/0/0.7
set routing-instances ninegroup-dns interface ge-0/0/6.0
set routing-instances ninegroup-dns interface lo0.40
set routing-instances ninegroup-dns protocols isis level 1 authentication-key "$9$xSz7wgGUHm5FikF/A0hcM8X7bsgoJDHq"
set routing-instances ninegroup-dns protocols isis level 1 authentication-type md5
set routing-instances ninegroup-dns protocols isis level 2 authentication-key "$9$GxUqf3nCuBE9AEyeW-d4aZUk.fTz6Ct"
set routing-instances ninegroup-dns protocols isis level 2 authentication-type md5
set routing-instances ninegroup-dns protocols isis interface lt-0/0/0.5
set routing-instances ninegroup-dns protocols isis interface lt-0/0/0.7
set routing-instances ninegroup-dns protocols isis interface ge-0/0/6.0
set routing-instances ninegroup-dns protocols isis interface lo0.40
set routing-instances ninegroup-radius instance-type virtual-router
set routing-instances ninegroup-radius interface lt-0/0/0.1
set routing-instances ninegroup-radius interface lt-0/0/0.8
set routing-instances ninegroup-radius interface ge-0/0/2.0
set routing-instances ninegroup-radius interface lo0.20
set routing-instances ninegroup-radius protocols isis export export_statics
set routing-instances ninegroup-radius protocols isis level 1 authentication-key "$9$RplElM7Nb2oGVwGiqfn60BIEreM8X-bs"
set routing-instances ninegroup-radius protocols isis level 1 authentication-type md5
set routing-instances ninegroup-radius protocols isis level 2 authentication-key "$9$lc7eLNsYoGjq4aqfQnpuhSre8XNdb2oJ"
set routing-instances ninegroup-radius protocols isis level 2 authentication-type md5
set routing-instances ninegroup-radius protocols isis interface lt-0/0/0.1
set routing-instances ninegroup-radius protocols isis interface lt-0/0/0.8
set routing-instances ninegroup-radius protocols isis interface ge-0/0/2.0
set routing-instances ninegroup-radius protocols isis interface lo0.20
set applications application RADIUS term 1 protocol udp
set applications application RADIUS term 1 destination-port 1812-1814
My apologies for the length of the config.
I can ping from my desktop on the 192.168 network to the thw-radius server but I cannot get to the GUI (HTTP/HTTPS) although I am allowing that through.
On the other SRX I can access the RADIUS server but it does not have the netopstest2 network associated as it comes in on the customer interface.
Can anyone see any obvious reason why HTTP access just will not work please?
Also, I can SSH onto this SRX and although the other SRX is configured correctly, I cannot SSH onto it.
Thanks