Using dynamic DNS at SRX with non DYNDNS service provider

When placing a network equipment without a static IP address, the best way to remote access to the device is by using the dynamic DNS service. Juniper has import this feature into their network security products such as Netscreen ScreenOS and JunOS SRX.

I recently has replaced my SSG with the SRX, and am having trouble updating the DDNS record with the built-in DDNS feature. What happen is SRX only offer 2 options of “dyndns.org or ddo.jp”, any service other than these 2 are out of questions. Since I am using HE.net for DDNS, that does not do my any good.

 

20160521-DDNS-SRX_DDNS_server

So my work around is: to map the dyndns domain name to a HE.net dns server IP address with the following command. The command below is to bind the members.dyndns.org (the dyndns.org DDNS service domain name) to the IP address of 184.105.242.3 (the DDNS service domain name). Continue reading

Advertisements

Turning Raspberry PI into WIFI AP (in bridge mode)

20160514-vSRX_to_PI

Turning raspberry PI into WIFI AP: SSG5 to SRX migration (part 2)

Due to the insecure of internet platform, I have decided to run a security appliance at home to replace my SSG firewall. My newest design is to have SRX as the SSG replacment. Since SRX lacks of the feature of build-in WIFI, I have decided to use RASPBERRY PI as the WIFI AP bridge to cover the wireless access feature. In part 2 of this migration, it mainly focus on turning the RASPBERRY PI as the WIFI AP and bridge it to its ETH0 interface.

The WIFI AP elements:
– Raspberry PI model B
– 0ace:1215 ZyDAS ZD1211B 802.11g

Design for PI:
– Since the ESXi host is using trunk, the PI needs to have its NIC ready to take tagged and untag packets.
– PI turns the WIFI NIC into WIFI access point
– PI needs to bridge the ETH NIC and WIFI NIC to extend the SRX LAN boardcast domain with wireless capability.

Continue reading