Score:0

ScreenOS SSG-320M Source Interface Based Routing

cl flag

quick question. Couldn't figure this out with even the ScreenOS Bible.

Juniper SSG-320M Firewall, Just added an 8port PIM Module(ETH1/0 to 1/7): ETH0/0(Trust) 172.16.1.1/16 ETH0/2(UnTrust) 192.168.0.5/24

Just added the 8 port PIM Ethernet card, assigned it to Trust Zone but can't figure out how to route traffic coming ETH1/0 thru ETH1/7 over to the rest of the 172.16.1.1/16 subnet.

It would be perfect case scenario if I could just have everything in the Trust zone be in the 172.16.x.x/16 subnet. Have tried all combination of Virtual Routers/Source Interface routing, etc. Ideas? Am I missing something totally basic?!

Also, on a kinda-related note. The ETH0/0(Trust 172.16.1.1/16) is a DHCP server, serves ip's just fine to that interface. Is it possible to have the add-on cards (ETH1/0 thru ETH1/7) also be DHCP clients? So if a cable is plugged into the add-on card, it receives DHCP address from the ETH0/0 Trusted DHCP server handing out 172.16.1.x IP's?

Chalen avatar
cl flag
Anybody?!? Bump!
Score:0
cl flag

Think I came up with the answer. Just add all the ports to a VLAN and tag.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.