Re: Routing-Instance and ISIS Routing
Hi, You can assign an address to all the units of loopback (including 0). Junos only allow one loopback in global table so any new unit interface you create must be in routing-instance.You can keep lo0...
View ArticleRe: rate-limit for each client in SRX240
it does not seem strange to limit the clients bandwith, otherwise a single client could use all the internet bandwidth!
View ArticleClik here to view.
Re: Jflow COnfiguration on SRX1400
Just for the record if anyone has a similar doubt in the future I leave the final configuration below:SRX1400 set forwarding-options sampling instance instance1 input rate 100 set forwarding-options...
View ArticleRe: Routing-Instance and ISIS Routing
Hi, Thank you for tha response. Okay, I have a strange issue occuring.... I have configured as suggested: set interfaces lo0.10 family inet address xxx.xxx.xxx.xxxset interfaces lo0.10 family inet6...
View ArticleRe: Routing-Instance and ISIS Routing
Hi,On SRX-A ae2 is in routing-instance. Are you using “ping x.x.x.x routing-instance Customer-VR” while pinging form SRX-A?
View ArticleRe: Manual failovers too LONG on SRX550 with bdf or lacp
Hi Python, thanks,I agree. And made the following tests : I unplugged the power supply of SRX1 in order to simulate the chassis loss, and measured how long the trafic going through the SRX cluster...
View ArticleRe: Routing-Instance and ISIS Routing
I am a bloody idiot sometimes..... I have been telling another Colleague that when a VR is being used EVERYTHING must be done via that VR and then I make that mistake..... Sorry for waisting your...
View ArticleRe: Routing-Instance and ISIS Routing
No worries! ☺ It happens sometime.Please help close the thread so that others can benefit from it.
View ArticleFail-over to an alternate router
Two edge routers on the LAN. A Primary SRX at 192.168.0.1 and the backup DSL router at 192.168.0.2. I have ip-monitoring working so that on fail it inserts route 0.0.0.0/0-192.18.0.2 but none of the...
View ArticleRe: Fail-over to an alternate router
Hi Folks,Can you please share the SRX device configuration?
View ArticleRe: Upgrading from 12.1X44-D40 to 12.1X46-D60 fails
Hi Folks,Just my 2 cents on this... Interesting KB article, https://kb.juniper.net/InfoCenter/index?page=content&id=KB29811
View ArticleRe: Possible to prioritise BGP keepalive messages ?
Hi Folks,Just my 2 cents on this... Interesting TechPub articles, influencing of hostbound traffic egressing can be done in two ways. All host-bound traffic or specific protocols. Default Routing...
View ArticleRe: SRX real lab with ability to ping from win10 machine
Hi Folks,Just my 2 cents on this... If you have plans for checking stuffs with Virtual Machine; then you don’t need a “4port PCIe ethernet port”. You can create virtual bridge and connect the VM;s in...
View ArticleUsing vlan interface for source nat?
Hi,Is it possible to use a l3.interface for source NAT? Kind of something liek this...: vlan-nat1 { vlan-id 30; l3-interface vlan.30;}security-zone nat1 { interfaces { vlan.30...
View ArticleRe: Fail-over to an alternate router
Here's the config ## Last changed: 2017-12-21 05:36:08 GMT-6version 15.1X49-D75.5;system { host-name xxx; time-zone GMT-6; root-authentication { encrypted-password "xxx"; }...
View ArticleRe: Active sessions timeout @ 14,400 seconds (4 hours)
I'm seeing this with BGP sessions over IPsec tunnels to AWS since I enabled node1 in my cluster. I was running 12.3X48-D40 and it continued after I upgraded to 12.3X48-D55. Was there ever a fix?
View ArticleRe: Static routes with RPM
Hi Folks,Junos Security: A Guide to Junos for the SRX Services Gateways and Security Certification is a good book covering such use cases...
View ArticleRe: Access to interface in default routing instance
Hi Folks,One more KB that could be useful, https://kb.juniper.net/InfoCenter/index?page=content&id=KB13080&actp=METADATA
View ArticleRe: I am not able to access my protected resources via Dyn VPN from public...
Hi Suraj, Thanks for dedication. I tried moving the policy up . but it was not successful. i found that issue was in proxy arp since they were in the same nertwork. Since everytime the IP was...
View ArticleRe: Using vlan interface for source nat?
Is the interface vlan.30 up/up?show interface terse vlan.30 For a layer 3 vlan interface to be up there has to be a physical interface in the same vlan that is also in the up/up status. the nat and...
View Article