0

亲爱的,

我是网络新手,我需要您的帮助来解决我在瞻博网络 srx210 设备中设置 vlan 接口时面临的一个问题

MY-PC ---> Cisco 3750 -- > srx.210 ( vlan interface)
root# show vlans MGMT {
vlan-id 101;
l3-interface vlan.

oot# show interfaces vlan    unit 0 {
family inet {

    address 192.168.10.1/24;
}
show interfaces ge-0/0/1 unit 0 {
family ethernet-switching {
    port-mode trunk;
    vlan {
        members MGMT;
    }
}

root# show security zones security-zone MGMT interfaces {
vlan.101 {
    host-inbound-traffic {
        system-services {
            all;
        }
    }
}

}

思科交换机

接口 FastEthernet1/0/1 交换机端口中继允许 vlan 101

电脑端口

接口 FastEthernet1/0/2 交换机端口访问 vlan 101

4

1 回答 1

0

是在 Cisco 交换机上创建的 vlan 吗?你已经标记了它,但你仍然需要创建它。你也设置了中继端口的封装吗?

您是否在 SRX 上的区域之间创建了策略?只是像下面这样简单的测试?

set security policies from-zone ZONE1 to-zone ZONE2 policy POLICY1 match source-address any
set security policies from-zone ZONE1 to-zone ZONE2 policy POLICY1 match destination-address any
set security policies from-zone ZONE1 to-zone ZONE2 policy POLICY1 match application any
set security policies from-zone ZONE1 to-zone ZONE2 policy POLICY1 then permit
于 2020-10-22T21:24:22.967 回答