Searching...
Reply
Highlighted

Juniper SRX on Optus / HFC

taztans

Good afternoon, 

 

Had Optus NBN connected last week on the existing HFC cable (previously Telstra). Optus sagecom router works fine when connected to the NBN Arris Modem, however If I try and replace the Optus Sagecom router to an Enterprise Juniper Router (to avoid double NAT'ting and well the Juniper is much better) I can't bind the offered DHCP address to the Juniper interface.

 

If I connect the Juniper to the Optus Sagecom, the juniper accepts a DHCP address immediately.

 

My question is, during the DHCP protocol transfer, is the Optus RADIUS server expecting certain information:

Specific Hostname / Specific MAC OUI? Does the Sagecom send a specific option in the accept message so the RADIUS server sends the correct ACK?

 

Thanks for any suggestions!

 

 

 

Re: Juniper SRX on Optus / HFC

Jeneral__Pain

As we've been discussing in your WP Thread... https://forums.whirlpool.net.au/forum-replies.cfm?t=2770838 - Optus does not bind based on the HOSTNAME provided, it gives an IP based on the mac of the interface.

 

Given you've got the internet working with Optus hardware and not with your Juniper device, I would strongly recommend engaging an engineer who knows Junipers interface/JunOS backwards to figure out what config you've got wrongly.

I'm a Yes-Crowd Contributor, not an Optus Employee, and I contribute on a voluntary basis. Did someone on Yes Crowd answer your question? Did they share a great tip Please remember to acknowledge their awesomeness by throwing a Kudo and or Accepted Solution their way.

Re: Juniper SRX on Optus / HFC

taztans

Yes, But...

If I only spoof the MAC of the Sagemcom modem, I don't get a response from the DHCP server.

 

However...

If I both Spoof the MAC address of the Sagemcom and I also enter a client-identifier or a vendor-id, I get NACK's back from the DHCP server. Negative Acknowledgements to the effect that my REQUEST is being denied.

 

Furthermore, if I enter the vendor-id to be "MSFT 5.0" which is the vendor ID submitted by my Windows 10 HP Laptop, I get an ACK back and the SRX binds an IP address - albeit only for a few minutes.

 

So - I'm hoping someone in their spare time can submit a detailed DHCP trace from their enterprise Router connected directly to the Arris which should contain the missing information I need to configure the SRX with.

Post a Reply
Top Contributors
71 Kudos
31 Kudos
29 Kudos
27 Kudos
20 Kudos