Hi guys,
I've been trying to set up subinterfaces on a SRX300 HA cluster and haven't been able to make it work.
Straight to the point: I have reth2 and want to have there 2 subinterfaces, one on VLAN 903 (IP 172.30.111.254/24) and the other one on VLAN 904 (IP 172.16.1.254/24).
This is the configuration set under interfaces (NOTE: I have rebooted both nodes when commited the "family ethernet-switching"):
irb {
unit 1 {
family inet {
address 172.30.111.254/24;
}
}
unit 2 {
family inet {
address 172.16.1.254/24;
}
}
}
reth2 {
redundant-ether-options {
redundancy-group 1;
}
unit 0 {
family ethernet-switching {
interface-mode trunk;
vlan {
members all;
}
}
}
} And this is the configuration under #vlans:
root@DWFW-NODE0> show configuration vlans
vlan903 {
vlan-id 903;
l3-interface irb.1;
}
vlan904 {
vlan-id 904;
l3-interface irb.2;
}And here the security zone configuration:
root@DWFW-NODE0> show configuration security zones security-zone trust
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
reth1.0;
irb.1;
irb.2;
}
But from my laptop connected to any of those VLANs I'm not able to ping the firewalls either on IPs 172.16.1.254 or 172.30.111.254
Any clue what might be missing here?
Thanks in advance