Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] Routes learnt using traffic-selector cannot be leaked using rib-groups

0

0

Article ID: KB36201 KB Last Updated: 21 Sep 2020Version: 1.0
Summary:

In case of a route based VPN which have traffic selector configuration, routes learnt via Traffic selector cannot be imported / exported to another routing instance using rib-groups.

Solution:

Workaround:

  1. Configure static route under the routing-instance and import them using rib-groups.
  2. Use policy-options to leak route.  

Example:

set policy-options policy-statement Instance-1 term 1 from instance Test-import
set policy-options policy-statement Instance-1 term 1 from protocol static
set policy-options policy-statement Instance-1 term 1 from route-filter x.x.x.x/x exact
set policy-options policy-statement Instance-1 term 1 then accept
set policy-options policy-statement Instance-1 term 2 then reject
set routing-instances Instance-2 routing-options instance-import Test-import
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search