Juniper SSG5 trouble switching the zone on an interface

I’m sure this will apply to other models as well.  Trying to make configuration changes to the interface gives an error similar to: “cannot edit interface, interface currently in use”.  Sadly, simply unplugging the interface is not the solution.  In my case, I had to remove the interface (or rather, an address that routes through that interface) as a DNS Proxy to allow it to be editable (other things I also tried that may or may not be required: deleting all policies associated with the zone the interface is in – I’ve tested this and it looks like it’s not required; deleting policy elements -> addresses for that interface; deleting an address using the interface from DNS -> Host).

I basically went through my config file looking for things referencing the zone that the interface was in / interface / IP addresses that route through that interface.  Unfortunately it’s quite irritating.

Leave a Reply

Your email address will not be published. Required fields are marked *