Clik here to view.
Failover Issue
Huawei interfaces are configured to work as a bridge interfaces while bridging vlan 100.vlan interface is configured on Huawei for vlan 100.vrrp configured for vlan interface 100, higher priority set...
View ArticleRe: L2TP/IPSEC VPN behind static NAT not working
I'm assuming that your srx is public facing router, with following configuration security { nat { source { address-persistent; } static { rule-set bt { from interface pp0.0; rule vpn { match {...
View ArticleClik here to view.
Re: floating static route configuration issue on SRX1400
Hi Hisham, elkadiki wrote:Rule of thumb I give to my engineers is never trust the output of show security ike/ipsec sa or show interfaces st0.x terse after a simple commit. If the change isn't major it...
View ArticleRe: SRX firewall routing configuration
To see which routes are actually active you need to run the operational command: show routeor the more specificshow route protocol static This will show you the active routes indicated by the * symbol...
View ArticleRe: Failover Issue
Hello,I am no expert on Huawei, but what You described looks like reth3 MAC did not get re-learned by Huawei #1 after RG2 failover.In more detail:1/ SRX RETH has single MAC, much like LAG 2/ this MAC...
View ArticleMultiple vpns asymmetric routing issue
Hello everybody, I want to replace our SSG140 routers with the newer SRX240 models.However, I'm stuck with an asymmetric routing problem. We have our servers located in two datacenters, A and B.Our...
View ArticleRe: Accidental Power Loss - Juniper SRX 100H
Very strange occurance today. Everything appeared to be working since the slice repair on Friday, today I discovered the Juniper just was not allowing traffic to come externally. We had our ISP on site...
View Articleem1 down in HA cluster
Hello, Can someone please help?!?! I noticed that the em0 interface is up but the em1 interface is down root@test> show chassis cluster interfacesControl link status: Up Control interfaces:...
View ArticleRe: Failover Issue
Hi Alex, Thanks for the reply. Why Test 2 was not successful? This setup will not send gARP to L2 devices, but should send the ARPs saying 155 is with SRX_2?
View ArticleRe: Cannot access websites from located on trust zone internally
Many thanks Kinshuk Chakladar. You are champion.
View ArticleRe: SRX240 Dynamic Vpn with LDAP
I created 4 test users on my domain and added two of them into a group called vpnusers. I did not manually add any of those users to the dynamic vpn configuration on my srx, instead I just added...
View ArticleRe: SRX240 Dynamic Vpn with LDAP
Hi Gourami, Can you check the server side logs ( Active Directory ) and see what messages they recieved from the SRX and if it included user + group or not ? This should give you a clearly picture of...
View ArticleOSPFv3 adjacency issue on SRX5400
When configuring interfaces within the same zone, OSPF and OSPFv3 interfaces form adjacencies as expected. {primary:node0}[edit] root@node0.ucl# show security zones |no-more security-zone Campus {...
View ArticleRe: OSPFv3 adjacency issue on SRX5400
I have noticed that there is an error in the output of the second config and reth0.20 is inactive in both zones. This is an error on this occasion. What I meant to say was: {primary:node0}[edit...
View ArticleProblem with backup partition SRX 240
Hello all,I try to do an upgrade for an SRX240 box from version 11.4R10.3 to 12.1X46-D40.2I first use the command : request system software add no-copy validate...
View ArticleRe: Accidental Power Loss - Juniper SRX 100H
Very odd issue, from the description I doubt this is media related at all. Sound more like some kind of bug or a resource exhaustion, you might get this behavior if the session table was full and no...
View ArticleRe: OSPFv3 adjacency issue on SRX5400
Can you confim that the datacenter zone has ospf as an allowed protocol with host-inbound-traffic protocols
View Articlewhy i cannot see latest commit with runn show system commit on chassis...
configure warning: Clustering enabled; using private editwarning: uncommitted changes will be discarded on exitEntering configuration mode{primary:node1}[edit]FW02# commit comment ?Possible...
View ArticleRe: OSPFv3 adjacency issue on SRX5400
{primary:node0}[edit]root@node0.ucl# ... zones | display inheritance | except #security-zone Campus { host-inbound-traffic { system-services { all; } protocols { all; } } interfaces { reth0.10;...
View ArticleOSPF of IPSEC between vSRX and SRX
Trying my best to get ospf up between SRX and cloud vSRX. Below my config vSRX: set interfaces st0 unit 2 multipointset interfaces st0 unit 2 family inet mtu 1500set interfaces st0 unit 2 family inet...
View Article