06-04-2024 06:04 PM - edited 06-04-2024 06:12 PM
Cisco warriors, I need help with this please!
I have SRX doing proxy-arp 192.168.0.0/16 with directly connected to cat 9300 cisco
I want to put another SRX in between as a layer 3 for extra security. is there a way to keep the same IP address for the VLANs on cat 9300?
thanks in advance!
Solved! Go to Solution.
06-05-2024 07:06 AM
resolved the issue by using 192.168.0.0/24 between cisco switch and the new SRX
thanks team for responding!
06-04-2024 09:12 PM - edited 06-04-2024 09:29 PM
You can config BVI in new SRX that make SW and old SRX in same subnet and you can put some secuirty in new SRX
MHM
06-05-2024 04:05 AM - edited 06-05-2024 04:23 AM
we need to nat on the new srx so it has to be L3 device. Also, BVI is not supported in SRX only Translational cross connect is supported and required to be in packet mode.
06-04-2024 09:24 PM
Hello
Why not put the new SRX in transparent mode, thus you keep the addressing as it is but you have the extra security in-between?
06-05-2024 04:04 AM
we need to nat Multicast add on the new SRX not on the old one to avoid cpu utilization.
06-05-2024 07:06 AM
resolved the issue by using 192.168.0.0/24 between cisco switch and the new SRX
thanks team for responding!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide