192.168.1.1/24 is not within the subnet of any address on this interface
I have got a very strange error as below when I tried to configure web authentication on my SRX junos 11.1R4.4
[edit system services] root@fw1# commit [edit interfaces vlan unit 10 family] 'inet' Web-authentication address 192.168.1.1/24 is not within the subnet of any address on this interface error: configuration check-out failed
I didn’t actually recall having this error on my 10.4 version but I may be wrong. However 192.168.1.1 address was the only address configured under interface stanza.
[edit interfaces vlan unit 10] root@fw1# show family inet { address 192.168.1.1/24 { web-authentication http; } }
Then after a few minutes the penny dropped. Perhaps it isn’t allowed to set one interface for traffic and web authentication purposes and I tried using a separate ip address than the primary one and bingo! it worked.
[edit interfaces vlan unit 10 family inet] root@fw1# show address 192.168.1.1/24; address 192.168.1.2/24 { web-authentication http; }