COS to QOS, "exact" conditions ?
I have configured COS and it isn't just for PC hosts. I have put some wireless AP's on ports ge-0/0/13.0 - ge-0/0/15.0 . They are routed and have QOS running. In those routers I have set bandwidth...
View ArticleRe: Flow Session Lookup Fails for return traffic when sourced from the SRX
Hi dwolcot1, Understood, no problem. Could you check if you have enabled 'ike' on ge-0/0/2.0 and if not enable it and test it? Regards,HS
View ArticleRe: Flow Session Lookup Fails for return traffic when sourced from the SRX
dwolcot1, Can you provide a display set for both the ip addresses please?Something like this:show | display set| match 10.254.254.254show | display set | match 10.254.255.130And, show the ike + ipsec...
View ArticleRe: COS to QOS, "exact" conditions ?
Hi eugene1973, Please find the answers inline below: 1. Should I try to match the QOS bandwidth limit on the AP's? A1: I guess this is dependent on your environment and how the APs are performing with...
View ArticleRe: Flow Session Lookup Fails for return traffic when sourced from the SRX
Pooja,Here is the requested info. user@SRX340-01> show configuration | display set | match 10.254.254.254 set system syslog host 10.2.45.31 source-address 10.254.254.254 set security log...
View ArticleRe: Flow Session Lookup Fails for return traffic when sourced from the SRX
hsrinivasan, I don't think I need IKE enabled on my trust interface? I have it enabled on interface in my untrust zone where the IPsec tunnel terminates.
View ArticleRe: Flow Session Lookup Fails for return traffic when sourced from the SRX
dwolcot1, Thanks for sending the display set information. Can you test traffic through this very vpn which isn't sourced on the firwall itself?Meaning non junos-host sourced traffic that transits the...
View ArticleRe: Flow Session Lookup Fails for return traffic when sourced from the SRX
Agreed, my bad. I thought your ge-0/0/2 interface was your untrust interface. Regards,HS
View ArticleRe: Flow Session Lookup Fails for return traffic when sourced from the SRX
pmallya, I've tested prior and it works for any other device on the same subnet. Are you wanting me to provide a secflow trace for the working flow?
View ArticleRe: Flow Session Lookup Fails for return traffic when sourced from the SRX
hsrinivasan, not a problem. I'm glad you are helping take a look. The more eyes the better. Thanks
View ArticleCoS based on Cloud destination
Sorry I'm new to Junos and some quick help.I have SRX345 with JSE and would like to priotize traffic to Line of Business Cloud websites (e.g https://www.abc.com, https://www.def.com. I have a 16MB...
View ArticleSRX320 has identity crisis and thinks it's an SRX300
The SRX320 is running 15.1X49-D120.3This switch used to work fine for ±1 month on my desk, but after a reboot today, the PoE stopped working. It's like it doesn't even exist in the config. I tried to...
View ArticleRe: SRX320 has identity crisis and thinks it's an SRX300
My SRX320's show up as 300's as well. I think this is normal. The SRX is a firewall, but you keep calling it a switch--are you sure you are logged into the right device? Otherwise, it's possible the...
View ArticleRe: Flow Session Lookup Fails for return traffic when sourced from the SRX
Hi dwolcot1, I mean, a flow trace of a source that doesn't sit on the firewall itself (like ge-0/0/2 in this case). Do you think you can share a trace in the scenario where we hit the same...
View ArticleRe: SRX320 has identity crisis and thinks it's an SRX300
Hi viz, I suppose this isn't an expected behavior. So would recommend opening a JTAC case for it to be investigated further. Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!...
View ArticleRe: SRX320 has identity crisis and thinks it's an SRX300
Hi viz, I just did a quick test in my lab and I see the following output on my SRX320-poe: root@t11-40> show version Hostname: t11-40Model: srx320-poe <<<<<Junos: 15.1X49-D120.3JUNOS...
View ArticleRe: SRX320 has identity crisis and thinks it's an SRX300
Hi viz, Can you confirm if you have any Jflow services configured on this SRX? CheersPooja
View ArticleRe: SRX320 has identity crisis and thinks it's an SRX300
Viz, Please check that by any chance lldp is enabled on SRX, if yes disabled that and reboot the SRX box again to see if that fix the problem.
View Articlestandby node liveliness to be monitored in HA
Hi Guys, we have srx1500s set up in HA. currently our NMS only monitor the liveliness of the active node. is there a way to monitor the back up node to alert us by NMS if it reboots or goes down? thanks
View ArticleRe: SRX320 has identity crisis and thinks it's an SRX300
Hi This seems strange indeed. Can you connect via console and check the same? Regards, Vikas
View Article
