Which configuration setting would resolve this issue?

You have recently deployed a dynamic VPN. The remote users are complaining that
communications with devices on the same subnet as the SRX device are intermittent and
often fail. The tunnel is stable and up, and communications with remote devices on different
subnets work without any issues. Which configuration setting would resolve this issue?

You have recently deployed a dynamic VPN. The remote users are complaining that
communications with devices on the same subnet as the SRX device are intermittent and
often fail. The tunnel is stable and up, and communications with remote devices on different
subnets work without any issues. Which configuration setting would resolve this issue?

A.
adding local-redirect at the [edit security nat] hierarchy

B.
adding local-redirect at the [edit interfaces <interface-name>] hierarchy

C.
adding proxy-arp at the [edit security nat] hierarchy

D.
adding proxy-arp at the [edit interfaces <interface-name>] hierarchy

Show Hint

Leave a Reply 4

Your email address will not be published. Required fields are marked *

John Smith

John Smith

C Is correct

A Local-redirect is not possible at this level of the stanza, I have not even heard of the command before. I think I have seen something like this on the MX for HTTP.
B Local-redirect is not possible at this level of the stanza, I have not even heard of the command before. I think I have seen something like this on the MX for HTTP.
D Proxy are is done at edit security nat stanza

Reply

Tom Brady

Tom Brady

My thoughts on this, if the configuration needed a proxy arp and it weren’t configured, it would not be intermittent it would simply never work.

However, if a proxy arp was configured and it shouldn’t be, it would conflict with the actual device on the same subnet and cause intermittent issues. It seems likely to me that C should have said “removing” proxy-arp.

Reply