Hi all
Hoping someone can take pitty on me and help me out of a bind.
Been struggling to get this working for some time now and the boss is getting a bit snarky now so really need to get it resolved asap.
I'll admit I don't have the greatest of networking knowledge so I'm hoping someone can point out something very simple that I'm missing here.
The setup I'm looking for is very similar to TriSept's in the post: https://forums.juniper.net/t5/SRX-Services-Gateway/Public-subnet-behind-SRX/td-p/300447 but I didn't want to hijack his thread.
Baasicly share our line with a tenant in the building and are looking to create 2 independent zones, with the client having all traffic from a certain IP routed to them and have their router handle security/NAT/etc (but if not possible we would be willing to have the SRX handle this).
I've been working to keep a "trust" zone for testing purposes on a vlan running off ge-0/0/1, with our network running off ge-0/0/2, and our tenant running off ge-0/0/3.
Our ISP supplied the following details:
WAN Subnet : *.*.131.196
WAN Subnet Mask : /30
WAN IP : *.*.131.198
WAN Default Gateway : *.*.131.197
Routed IP's Network Number : *.*.138.216
Routed IP Mask : /30
Routed First Host : *.*.138.217
Routed Second Host : *.*.138.218
Routed Last Host : *.*.138.218
Routed Broadcast Address : *.*.138.219
I can happily get online and get service running from WAN IP : *.*.131.198, but I've been banging my head against a wall trying to get anything working with Routed First Host : *.*.138.217, and Routed Second Host : *.*.138.218
At first I was trying to use proxy/arp but as they're not he same subnet I discovered that was clearly a dead end.
Can anyone help explain how I should setup Routed First Host : *.*.138.217, and Routed Second Host : *.*.138.218 to effectively pass through traffic to our tenant zone on ge-0/0/3?
I've attached my current "work in progress" configuration if some kind soul could have a look over and let me know what my next steps should be,
Many, many thanks in advance