Discussion:
[j-nsp] SRX RA client
Ola Thoresen
2018-08-15 11:26:46 UTC
Permalink
Hi all,
Anyone know how to make an SRX (SRX300, branch thing), accept default routes from an IPv6 RA?
It should work if you add your external interface under "protocols
router-advertisement" and make sure you allow router-advertisments in
your firewall/security-policies.


/Ola (T)



_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Ola Thoresen
2018-08-15 11:42:16 UTC
Permalink
I’ve updated those to match in case it cared for some reason, still no dice.
Never tested it with a 300, but it did work fine with vSRX last time I
did it.
My 300 is connected to a IPv4-only network at the moment (shame on my ISP!).
It doesn’t make a lot of sense that you have to configure an interface to send RA when you really want to accept them eh?
Totally agree. And it even causes a lot of issues if you have two SRXes
sending RAs to each other.

I had to firewall the incoming RAs on the box that _should_ be default
router, or else it would install the default route from the "client" SRX.


/Ola (T)
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://puck.nether.net/mai

Loading...