Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] How to create a connected default route on an interface bound to untrust zone?

0

0

Article ID: KB21108 KB Last Updated: 03 Jan 2012Version: 1.0
Summary:
This article provides information on how to create a connected default route for an interface in the untrust zone.
Symptoms:
Create a connected default route, so that it takes precedence over a static default route.
Cause:

Solution:
To create a connected default route from an interface bound to the untrust zone, use the following command:
set interface <interface name> gateway <gateway address>


Note: This command only works when the interface is bound to the untrust zone.

Using this command for any other system defined or custom zone will fail, as shown in the following output:
ns50-> set int eth1 gateway 1.1.1.1
Gateway ip cannot be set on this interface. To add default-route, use
"set vrouter trust-vr route 0.0.0.0/0 interface ethernet1 gateway 1.1.1.1"

Failed command - set int eth1 gateway 1.1.1.1
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search