Create Management Connectivity Between a CPE and a Switch
To set up management connectivity between an SRX Series Customer Premise Equipment (CPE) and an EX Series switch or an access point (AP), create a zone-based LAN segment and include the CPE port (to be connected to the switch or AP) in it. This LAN segment is associated with a security zone for underlay breakout. If you have configured a LAG interface to manage the connectivity to the switch, you can add the Aggregated Ethernet (ae) interface to the LAN. This step creates reachability between the EX Series switch and Juniper Mist.
To create management connectivity between a CPE and an EX Series switch or an AP:
- Click Resources > Devices.
- Select a CPE from the list of devices displayed and click More > Manage Switch Connectivity.
The Manage Switch Connectivity page is displayed.
You can configure the management connectivity on a CPE only if its Management Status is Provisioned.
- On the right side of the Management Connectivity section, click the + icon.
The Create Management Pool page is displayed.
Alternatively, you can create a management pool (zone-based LAN segment) from the Add LAN Segment screen (Resources > Site Management > site-name > LAN (tab) > +. When you create a LAN segment, disable the Use for Overlay VPN option to associate the LAN segment with a security zone for underlay breakout.
- Complete the configuration settings according to the guidelines provided in Table 1.
- Click OK.
The LAN segment is added to the list in the Management Connectivity section on the Manage Switch Connectivity page.
On clicking OK, CSO applies the configuration and displays the switch or AP connected to the CPE in the Device Name column on Devices page (Resources > Devices), if a switch or an AP is already connected to the CPE. Also, the Connected Switches column in the Sites List on the Site Management page displays the number of switches connected to the CPE.
To view a switch or an AP which is connected to a CPE at a later time (after the Management Pool was created), select the CPE from the Device page and click Discover Connected Device.
Table 1: Fields on the Create Management Pool page
Enter a name for the LAN segment.
Select the CPE port to be added to the management pool (the zone-based LAN segment). If you are using a LAG interface to connect the CPE to the switch or an AP, select an aggregated Ethernet (ae) interface. In case of dual CPE deployments, you can select a reth interface.
Note: Ensure that you have enabled LLDP on the interface selected.
Specify a VLAN ID for this LAN Segment. By default, VLAN ID is set to 1 and native VLAN is enabled for untagged traffic.
Use for Native VLAN
Enable this option to use the specified VLAN ID for untagged traffic. The CPE interface is configured with a native-vlan-id, which has the same value as the VLAN ID.
Enter a valid gateway IP address and mask for the LAN segment. This address will be the default gateway for endpoints in this LAN segment.
For example: 192.0.2.8/24.
Select a security zone to be associated with this LAN segment. Alternatively click Create Zone to create a new security zone and assign that to this LAN segment. See Adding a Security Zone for details.
For directly connected LAN segments, click the toggle button to enable DHCP.
You can enable DHCP if you want to assign IP addresses by using a DHCP server or disable DHCP if you want to assign a static IP address to the LAN segment.
Note: If you enable DHCP, additional fields appear on the page.
Additional fields related to DHCP
Address Range Low
Enter the starting IP address in the range of IP addresses that can be allocated by the DHCP server to the LAN segment.
Address Range High
Enter the ending IP address in the range of IP addresses that can be allocated by the DHCP server to the LAN segment.
Maximum Lease Time
Specify the maximum duration (in seconds) for which a client can request for and hold a lease on the DHCP server.
Range: 0 through 4,294,967,295 seconds.
Specify one or more IPv4 addresses of the DNS server.
To enter more than one DNS server address, type the address, press Enter, and then type the next address.
Note: DNS servers are used to resolve hostnames into IP addresses.