Issues with Vlans in EX4200 Juniper switch

  • Hello guys,

    I have two issue in my network environment at present.

    here is the issue,

    I have two Juniper EX4200 switches which are connected through a virtual chasis and that makes the two devices into one device but one is master and the other is backup.

    I have a total of 5 vLans out of which 3 are tagged and 2 are untagged. here are the vlans details


    vlan 10
    vlan 11


    vlan 120
    vlan 128
    vlan 129

    routing protocol used

    OSPF with Area 0 between vlan 120, 128 and 129


    1. I still don’t have perfect communication between all the tagged vlans (vlan 120, 128 and 129) though they have their ip addresses defined as (, and which act as their gateways for different computers. how to get perfect communication between these vLans? I am able to communicate 120 vlan from 128 but not completely from 129 and vice versa,how to resolve this issue?

    2. I need to make all these 3 tagged vlans to talk to a public network, is it possible? if so, how? how do we go with establishing a communication between the three vlans and the public network? i think we will need to create a port which acts as an interface between these vlans and the public network. (public network gateway is

    could you please help me with it? I mostly use j-web interface and I can also use the ssh console for the switch? could you also please explain me the best way to do routing between vlans so they communicate between each other?


  • Thanks for the reply, I will try this …

  • Global Moderator

    Why don’t you extent your public gateway lan to your EX switch?

    i.e. create a VLAN on your EX with on it for example, and then on the ex-series you can just do [system routing-options static route next-hop]

  • Actually I am thinking of connecting a cable which is connected to the public gateway router to this switch so that the vlans already configured can access the public gateway. so to do this, I will need to define another vlan as l3 interface, then route to the public gateway ( right?

  • Global Moderator

    TO be clear: Is it HOSTS connected to your network that can’t ping each other? Or are you running pings from the switch using different source addresses?

    You don’t specify where your public gateway is.  IS it on the same switch? IF so just add a default route to it.  If it’s not, add a default route to the device that CAN connect to the public gateway.  It’s just basic routing.

  • Thank you muppet for the suggestion. Yes, I will need to read some books on routing. when I mean can’t communicate properly, I am able to get a response from my vlan 128 to 120 but not vice versa and also I am not able to communicate between vlan 129 and 120. Hence I am on this forum to get answers.

    thanks for the reply regarding creating another vLan so that i can route it to my default gateway. But, in my case, my public interface gateway is /24 and not /30. how can I go about it?

  • Global Moderator

    I know this is going to sound rude, but you really need to grab some books and start reading.

    What do you mean you “can’t communicate?”  Are you talking from hosts connected to these VLANS?  Have your hosts set their default gateway properly?

    You don’t post any configs, so it’s impossible to begin to guess what could be wrong.  If you want your tagged VLANs to talk to the Internet, create another VLAN, assign a /30 to that VLAN’s L3 interface and then route to the other end of the /30 (your default GW)

    But really - I don’t mean to be rude, but step back and read a couple of books on the very basics of routing.