Re: SRX 550 - NAT
Yasmin!! Thanks to your suggestion I was able to see the error:Mar 28 21:32:03 21:32:03.122183:CID-0:RT: app 0, timeout 60s, curr ageout 60sMar 28 21:32:03...
View ArticleClik here to view.
SRX enrol with JATP problem
Hi,I think that is the first post on this forum about SRX enroled with JATP.I follow documentation here:...
View ArticleHigh CPU utilization due to "ifmon" process in chasiss cluster?
Hi All, Can someone explain to me what exactly function for this "ifmon" process. Is it any impact if i kill this process. Can someone guide me how to kill this process? Appreciate some feedback...
View ArticleRe: High CPU utilization due to "ifmon" process in chasiss cluster?
Hi, ifmon is a process which ran when you issue cli command "monitor interface <interface name>" Example:In first terminal window:> monitor interface ge-0/0/0 In second terminal window from...
View ArticleSRX110 - Compact Flash - Config-File
Hi guys, just a quick one / please send confirmation: For SRX110 Boxes, the config for the box is only stored on the CF-Card.So if you remove the CF-Card, the box will not boot up -> correct ? BR,...
View ArticleRe: SRX110 - Compact Flash - Config-File
Yes, That is correct. It does not have any HD.
View ArticleRe: SRX110 - Compact Flash - Config-File
Great !Thanks for the fast reply. BR, Christoph
View ArticleRe: IP Sec site-to-site VPN Poor performance
Hi, I used the commonad you gave. Here is the analysis. From India traffic is leaving from Singapore side and there it is having 25% of loss and also when it enters into USA there is 10% of loss. So...
View Articleerror when I create zone in vlan.
Hello, We need to create a zone in vsrx, but we have a error when executate this accion. {primary:node0}[edit security zones]root@fw-mci-cl-01-vSRX-Node0# set security-zone SL-COSTUMER interfaces reth2...
View ArticleRe: error when I create zone in vlan.
reth2 interface is configured with unit 3281 and 3320. It does not have unit 0 logical interface. Remove reth2.0 interface from zone config and add the configured unit number like reth2.3281 ,...
View ArticleRe: error when I create zone in vlan.
Hello Raul, When you do not explicitly mention the interface unit under security zone, it defaults to unit 0. In your case you used - set security-zone SL-COSTUMER interfaces reth2...
View ArticleRe: High CPU utilization due to "ifmon" process in chasiss cluster?
Hello there, In addition to the suggestion above, You may also like to run the command "show system users" and log out the users who are not actively working on the device. Also look for any script...
View ArticleRe: SRX enrol with JATP problem
Hi, This issue is generally seen when there is some kind of validation failure. Please check the licenses on the vSRX. Sometimes presence of more than 1 licenses for JATP or presence of an expired...
View ArticleRe: IP Sec site-to-site VPN Poor performance
Hello Sagar, If there is 35% drop by the ISP on plain text traffic, there is nothing you can do on SRX to fix it. I believe you should reach out to your ISP with this evidence asking NOT to throttle...
View ArticleSite to site VPN with self signed certificate
Hi all,I have 2 x 4100 SRX. I want to create a site to site VPN between them using self signed certificate. Can anyone help?Thanks
View ArticleWeb interface error
Hi all,I’m using a loopback address to manage my SRX 345. It is fine for SSH but when I navigate to the device in a web browser it redirects me to /servererror.php?code=401Anyone know why this...
View ArticleRe: Web interface error
Hello there, Error 401 stands for unauthorize connection. I would suggest you to make sure that both loopback and the ingress physical interface are configured under root# show system services...
View ArticleIn a multicast network, can the SRX be LHR/FHR or RP/FHR at the same time?
Hi Team, I'm looking if there is a way we can make the SRX to act as RP/FHR at the same time. Or LHR/FHR. I know the SRX can only have one role, however I have a customer that only has 2 SRX's and we...
View ArticleRe: Dynamic Traffic Shaping
Yea I obviously didn't think through how a 20Mb shaper on ge-0/0/1 would work, that's exactly what I need, thanks
View Article