Juniper SRX100H2 as your home router

Hello Folks,

I have Verizon FIOS and their Actiontec MI424WR wireless router. Since I wanted to use my own router instead of the FIOS router Verizon had provided, I needed to put the Actiontec router into bridge mode, which I did several years ago.

I have been using my Cisco ASA 5505 as my firewall/router to the Internet for several years now, and I recently started working on Juniper SRX at work. I decided to purchase an SRX100H2 to replace the ASA 5505 that I have at home. I thought this would be the best time to do it, since I have been planning to change my VLAN and IP address scheme.

First things first: I had to make sure that the SRX was able to connect to the Internet. I configured the SRX’s fe-0/0/0 as the untrust interface, along with two interfaces in an LACP trunk to my Cisco switch.

The topology looks like this:

Figure 1

Since I don’t have a static public IP address, I had to configure the SRX’s fe-0/0/0 interface as a DHCP client. IGMP is also needed on the untrust interface and should be allowed under host-inbound-traffic.

networkshinobi@BFWSRX> show configuration interfaces fe-0/0/0
unit 0 {
    description "TO THE INTERNET";
    family inet {
        dhcp-client {

networkshinobi@BFWSRX> show configuration security zones security-zone untrust
screen untrust-screen;
interfaces {
    fe-0/0/0.0 {
        host-inbound-traffic {
            system-services {
            protocols {

networkshinobi@BFWSRX> show configuration protocols igmp
interface fe-0/0/0.0;

After configuring the interface as a DHCP client, along with the IGMP protocol and the host-inbound-traffic settings, I had to phone Verizon customer support to release my DHCP lease so that the SRX would be able to request an IP address 🙂

Figure 2: Pinged Google from the SRX
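
A check for the host-inbound-traffic point above, as an added example that is not part of the original post: it reads a configuration in `display set` form and reports any service the untrust interface accepts beyond DHCP and IGMP. The sample configuration, the allow-list and the function names are assumptions made for the illustration, and the ssh and ping lines are constructed.

```python
import re
from collections import defaultdict

# Assumption: the Internet-facing interface should accept only what the post
# names (DHCP for the lease, IGMP); everything else is reported.
ALLOWED = {("system-services", "dhcp"), ("protocols", "igmp")}
ZONE = r"^set security zones security-zone (?P<zone>\S+)"
HIT = re.compile(ZONE + r"(?: interfaces (?P<ifl>\S+))? host-inbound-traffic"
                 r" (?P<kind>system-services|protocols) (?P<name>\S+)")
MEMBER = re.compile(ZONE + r" interfaces (?P<ifl>\S+)")

# Constructed sample in "display set" form; the ssh and ping lines are
# deliberately added so the audit has something to report.
SAMPLE = """\
set interfaces fe-0/0/0 unit 0 description "TO THE INTERNET"
set interfaces fe-0/0/0 unit 0 family inet dhcp-client
set security zones security-zone untrust screen untrust-screen
set security zones security-zone untrust host-inbound-traffic system-services ping
set security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services dhcp
set security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services ssh
set security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic protocols igmp
set protocols igmp interface fe-0/0/0.0
"""

def effective_inbound(config, zone="untrust"):
    """Map each interface in the zone to the inbound services it accepts."""
    zone_level, per_if, members = set(), defaultdict(set), set()
    for line in map(str.strip, config.splitlines()):
        m = MEMBER.match(line)
        if m and m["zone"] == zone:
            members.add(m["ifl"])
        m = HIT.match(line)
        if m and m["zone"] == zone:
            (per_if[m["ifl"]] if m["ifl"] else zone_level).add((m["kind"], m["name"]))
    # An interface-level list replaces the zone-level list for that interface.
    return {i: per_if.get(i) or set(zone_level) for i in sorted(members)}

def findings(config, zone="untrust"):
    """Return (interface, kind, name) entries outside the allow-list."""
    return sorted((i, k, n) for i, svcs in effective_inbound(config, zone).items()
                  for k, n in svcs if (k, n) not in ALLOWED)

if __name__ == "__main__":
    for ifl, kind, name in findings(SAMPLE):
        print(f"{ifl}: unexpected {kind} {name}")
```

The zone-level ping line is not reported for fe-0/0/0.0 because that interface carries its own host-inbound-traffic list; an interface without one would inherit it and be flagged.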

About networkshinobi

My name is Karlo, and I work as a Network Engineer. A little about myself: I started as a PC gamer back when I was in high school. PC gaming became my addiction and pushed me to learn more about computers. I slowly got some certifications and landed an IT Tier 1 Helpdesk job. This job opened the door for me to push further on my certifications and go deeper into the IT world. My goal was to get my Cisco CCIE Routing and Switching, but my journey for CCIE has changed because I always ended up working on non-Cisco network appliances. Therefore, I had to pivot and decided to jump to the dark side and go with Juniper. Hopefully, I will get my JNCIE in the near future. All the entries/posts I have made are based on my views and opinions and are for educational purposes only. If you see some mistakes, feel free to drop some comments. I would appreciate all the helpful comments. Thanks