Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] How to propagate DNS information from ISP to the Client PC



Article ID: KB31279 KB Last Updated: 17 Jul 2020Version: 3.0

This article describes how to propagate DNS information from a DHCP server in the ISP to the client PC in an internal network behind the SRX firewall.



Customer has a DHCP server in ISP which provides IP address details to the PC behind the SRX firewall. The topology is as given below.



This article details how to configure and verify the settings to provide DNS information from the DHCP server to the PC.



The following setting example is for SRX345.

set version 15.1X49-D60.7
set system services dhcp pool address-range low
set system services dhcp pool address-range high
set system services dhcp pool default-lease-time 1800
set system services dhcp pool router
set system services dhcp pool propagate-settings ge-0/0/1.0 
set security policies default-policy permit-all
set security zones security-zone untrust interfaces ge-0/0/1.0 host-inbound-traffic system-services all
set security zones security-zone trust interfaces irb.0 host-inbound-traffic system-services all
set interfaces ge-0/0/1 unit 0 family inet dhcp server-address
set interfaces ge-0/0/1 unit 0 family inet dhcp update-server
set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members 3
set interfaces irb unit 0 family inet address
set protocols l2-learning global-mode switching
set vlans vlan3 vlan-id 3
set vlans vlan3 l3-interface irb.0

Verification in SRX

root@SRX-345-1# run show system services dhcp client ge-0/0/1.0

Logical Interface name ge-0/0/1.0
Hardware address 30:b6:4f:2d:7b:42
Client status bound
Server address
Address obtained
Update server enabled
Lease obtained at 2016-11-16 11:13:45 HKT
Lease expires at 2016-11-30 11:13:45 HKT

DHCP options:
Name: server-identifier, Value:
Code: 1, Type: ip-address, Value:
Name: router, Value: [ ]
Name: name-server, Value: [ ]  <--From the ISP


Modification History:

2020-07-17: Article reviewed for accuracy; no changes required; article still valid


Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search