Juniper Netscreen 25 & Cisco 2900 Vlan Trunk

25 pts.
Juniper Cisco trunk
Juniper Cisco Vlan
Juniper NetScreen-25
Juniper Networks
I have Juniper Netscreen 25 and a Cisco 2900 switch with which I’m simply trying to set up a ‘router on a stick’ scenario and I can’t seem get the trunk working.

On the Cisco 2900 I’ve done the following: Created 3 vlans: 10, 20 & 30, assigned 5 ports to each vlan, set fa0/20 as the trunk port using 802.1q and assigned an IP to each vlan so I can ping test once complete.

On the Juniper I’ve: Created 3 sub interfaces eth1.1, 1.2 & 1.3, specified eth1 to use 802.1q, assigned an ip to each interface in the same subnet as the corresponding vlans on the Cisco, specified the same vlan tags as on the Cisco 2900, Made all 3 sub-interfaces members of the trust zone and I can’t get any traffic across the trunk. I’ve even resorted to changing the cable :)

Any help would be greatly appreciated.

Software/Hardware used:
Juniper Netscreen 25, Cisco 2900/2950

Answer Wiki

Thanks. We'll let you know when a new response is added.

Ok, lets start from the beginning, as it seems the most of the work is already done.

Using the configuration you provided, can you ping the other end of the same subnet in the opposite equipment?

(before trying anything, please confirm that all (sub)interfaces are UP)
On the switch, subnet 1 IF, ping the IP address of netscreen subnet 1. If it succeeds, please do the opposite. (Netscreen -> Cisco)

Repeat on all subnets.

Regarding routing, I think it wouldn’t be possible to make Netscreen route traffic between VLANs. I don’t have personal knowledge with Netscreen 25 device, but I think it isn’t possible to achieve the “router on a stick” scenario with this equipment.



After looking over you basic config , you mention you set port fa0/24 to trunk, but have you added the native / allowed VLANs to that trunk?

the commands would look something like this:

<b>Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk native vlan 1
Switch(config-if)#switchport trunk allowed vlans all</b> (or <b>allowed vlans add 2-3</b>)

let us know how things turn out…

Discuss This Question: 1  Reply

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • AVB2019
    I have successfully created subint type vlans and can access them system wide; - the sub-int number and vlan tag are loosely related ...on the netscreen 25 there are 8 subints per eth interface
    10 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: