Oops, I meant to say that you should replace fe-0/0/0.0 with the at-1/0/0.0 interface under the propagate settings, since at-1/0/0.0 is the one receiving the DHCP parameters from upstream.
Stefan Fouant JNCIE-SEC, JNCIE-SP, JNCIE-ENT, JNCI Technical Trainer, Juniper Networks Follow us on Twitter @JuniperEducate Sent from my iPad On Aug 28, 2012, at 9:12 AM, Stefan Fouant <[email protected]> wrote: > Also, your DHCP propagate setting is referencing fe-0/0/0.0 whereas is should > be referencing vlan.0, vlan.1 and vlan.2. Per the docs, the propagate option > applies to the logical interface which will receive TCP/IP settings from the > external network for propagation to the DHCP pool running on the device. > Currently, fe-0/0/0.0 isn't a routing interface and it isn't part of any > assigned zone. > > HTHs. > > Stefan Fouant > JNCIE-SEC, JNCIE-SP, JNCIE-ENT, JNCI > Technical Trainer, Juniper Networks > > Follow us on Twitter @JuniperEducate > > Sent from my iPad > > On Aug 28, 2012, at 7:41 AM, Dale Shaw <[email protected]> wrote: > >> [Apologies for top post] >> >> There are a few problems with the config (once you get basic comms up >> you'll need to look at your IPsec settings) but I suspect the main problem >> is that interface at-1/0/0.0 isn't assigned to a security zone (untrust). >> >> Cheers, >> Dale >> >> On Aug 28, 2012 8:10 PM, "Josh Farrelly" <[email protected]> wrote: >> _______________________________________________ >> juniper-nsp mailing list [email protected] >> https://puck.nether.net/mailman/listinfo/juniper-nsp > > _______________________________________________ > juniper-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
