[AusNOG] AWS Direct Connect & Juniper
Simon Dixon
simon at dicko.net.au
Fri Jan 23 17:42:13 EST 2015
Andrew,
Is it a SRX cluster your using?
If so check that your allowing BGP to the RE in the zone config
A default config change would look like this.
set security zone security-zone untrust host-inbound-traffic protocols bgp
Regards
Simon.
On 23 January 2015 at 13:26, Geordie Guy <elomis at gmail.com> wrote:
> Just to confirm, you can see traffic coming from AWS but not going back?
> Or is it the other way around? Are you connecting to a VPC or using a
> public IPs for Internet facing resources like S3? Also, if you're using it
> for public accessibility over the DxC, are you using your own assigned IPs
> or are you part of the beta program where AWS assign you a /31
> in 54.239.0.0?
>
> On Fri, Jan 23, 2015 at 3:49 PM, Andrew Cowan <andycowan at gmail.com> wrote:
>
>> Hi Chris,
>>
>> Thanks for your suggestion. I checked the firewall and got the output
>> below, I think this just means the firewall is disabled, so no problem
>> there.
>>
>> > show configuration firewall
>>
>> filter filter-jflow {
>>
>> term 1 {
>>
>> then {
>>
>> sample;
>>
>> accept;
>>
>> }
>>
>> }
>>
>> }
>>
>> > show configuration firewall family inet
>>
>>
>> {primary:node0}
>>
>>
>> <http://lists.ausnog.net/mailman/listinfo/ausnog>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20150123/e7b3574d/attachment.html>
More information about the AusNOG
mailing list