Friday, November 2, 2018

JunOS Instance-type virtual-router and RADIUS

I am working on SRX firewalls and eventually will move to MX routers. The issue that I am having is I created a virtual-router instance (vrf-lite) and for the life of me I could not get the in-band management via RADIUS to work.

I can traceroute from the SRX to the radius server via the new routing-instance, but when I tested the ssh login it failed. It says that there is no route to the radius servers. This is the same with NTP and DNS.

The question that I have now is. The radius authentication only allowed in the master instance and not to any virtual-routers?

I am trying to keep the master instance just for out-of-band only and in-band management, ntp, dns and the rest of the data traffic will be on a new virtual-router.



No comments:

Post a Comment