Re: LCC 0 offline
Generally this will indicate a hardware failure on the board if it is happening continuously. You can try to remove and reseat the board first to see if the issue clears.
View ArticleRe: LCC 0 offline
Hi, Please share the following outputs for further analysis :- >show chassis alarms>shoe chassis fpc pic-status>show system core>show versionRegards,Sahil SharmaPlease mark my response as...
View ArticleRe: Traffic fails over VPN SRX
Hi,Will changing the mtu affect other VPN's? Will I lose connection? I'm working from the remote end. thanks.
View ArticleRe: SRX - VPN Issues - Address Translation
Is the VPN a site to site vpn or a dynamic one? On a site to site VPN you are going to look for the NAT rules applied to traffic from that VPN. On a dynamic VPN you will likely need to look to create a...
View ArticleRe: After abrupt power loss SRX300 stack in Octeon srx_300_ram# prompt and...
The SRX has only one primary boot partition by default. When an unexpected power loss occurs at the wrong moment this partition can be corrupted resulting in a failure to fully boot. This is what you...
View ArticleRe: SRX240 Max BGP Peers
I've not noticed license limits on the number of BGP peers. But on branch devices I would pay close attention to memory utilization on such a large number of peers to make sure the device is not...
View ArticleRe: SRX220 Juniper crazy DHCP
I have seen this occur when there are no lease times configured is system dhcp. Add a default lease time to prevent pool exhaustion by keeping addresses out of the pool when they are no longer being...
View ArticleRe: DNS-Name Wildcard Entry
If you want to know the reasons or where this might be on feature roadmaps you will need to have off-line communications with your sales engineer. Like many publicly traded companies, Juniper does not...
View ArticleRe: Webserver not working
From your configuration it looks like you are forwarding the same address in use by the actual interface ge-0/0/0 to your web server. Since the SRX is using port 80 already on this address you cannot...
View ArticleRe: View system connection detail.
Yes, likely the connection was before the filter application. You may also find this free publication helpful. Chapter 5 reviews all the recommended security settings on a Junos device....
View ArticleRe: Can someone explain this PR1251752?
I don't think the PR applies to your situation, if I understand your description correctly. You appear to say that when you make a DNS query behind the SRX you get a private address answer instead of...
View ArticleRe: category list not getting hit on EWF
The statistics suggest your SRX is not able to successfully communicate. What is the status command showing? show security utm web-filtering status
View ArticleRe: IPSec VPN not stable- connection keeps dropping out
From the logs it looks like the SRX is not getting a response to the rekey request. Can you confirm that the lifetime is the same on both the SRX and StrongSwan for both phase 1 and phase 2?
View ArticleRe: SRX240 Max IPSec VPN's
Some limits on the spec sheet are hard coded and some are best estimates based on resources. JTAC is your best source to know for certain which applies in any particular case. For the resource based...
View ArticleRe: IKE negotiation failed with error: IKE gateway configuration lookup...
You are reading that correctly. If no traffic selectors are configured the proxy-id sent by the SRX is 0.0.0.0/0 local and 0.0.0.0/0 remote. This will need to be the same as the Cisco "interesting...
View ArticleLogical system
1- If there is 2 virtual routers inside a single LSYS, and a session path through these 2 routing instances , do i expect 2 sessions ? 2- if i have 2 LSYSs , each LSYS has 2 routing instance and a...
View ArticleLogging not send to syslog file
Hi all, I am not able to get logging on the file which has been created: This is the conf for syslogxxx@xxx# run show configuration system syslog archive size 100k files 3; user * { any emergency; }...
View ArticleClik here to view.
Re: SRX240 Max IPSec VPN's
Hiya, Thanks for the response. We don't see a rise in CPU on the cluster (about 20% relatively consistently), RE memory is about 50%, however SPU memory is consistently 50%. I'm probably happy to...
View ArticleRe: SRX240 Max IPSec VPN's
Are you running A/A or A/P cluster? In A/P all tunnels terminate on the active node. In A/A tunnels can terminate on either node. So I think theoretically speaking, it should be able to easilly...
View ArticleAnti-virus Kaspersky not working with temp license
Hi everyone,I need help in Anti-virus Kaspersky. We planning to buy a license for Anti-virus and before we wanted to test it.But after configuring and installing temp license , i don't see any...
View Article
