Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SCREENOS DEVICES GUIDE REV 01 Manual page 330

Configuring ScreenOS Devices Guide
306
You can configure three types of static routes: destination-based, source-based, and
source-interface-based routing. For each type of static route, you configure the following
information:
NOTE: Source-interface-based routing is supported in ScreenOS 5.1 and
later.
The interface on the security device on which traffic for the destination network is
forwarded.
The next-hop, which can be either another virtual router on the security device or a
gateway IP address (usually a router address).
The protocol from which the route is derived.
Preference (ScreenOS 5.1 and later only)—Controls the route to use when multiple
routes to the same destination network exist. The lower the preference value of a route,
the more likely the route is to be selected as the active route. By default, the preference
value is automatically determined by the protocol or the origin of the route. You can
modify a preference value from 1 to 255 for each protocol or route origin on a per-virtual
router basis.
Metric (ScreenOS 5.1 and later only)—Controls the route used when multiple routes
for the same destination network with the same preference value exist. The metric
value for connected routes is always 0. The default metric value for static routes is 1,
but you can specify a different value from 1 to 255 when defining a static route.
Keep route active when interface is down (ScreenOS 5.1 and later only)—Select this
option to ensure that the route remains active even when the interface link status is
down or the interface IP address is removed. By default, this option is disabled for all
route entries. To enable this option for a destination-based route entry, you must
configure the next-hop as a gateway (not a virtual router).
The virtual system (vsys) to which this route belongs.
NOTE: In the routing table, you must configure a default route (network
address 0.0.0.0/0) for the security device. You should also configure a
route from the device to the IP address of the Network and Security Manager
Device Server.
Comment (ScreenOS 6.2 and later only)—Enables you to add a description to a static
route that you configure. The description can be 1 to 32 characters in length. By
specifying the description for a static route, you can identify the traffic that routes
through the devices. It also allows you to search for a specific route in a route table
when there are many static routes configured on the security device.
For instructions for configuring virtual router static route entries, see the Network and
Security Manager Online Help.
Copyright © 2010, Juniper Networks, Inc.