Re: How to use USB memory on Junos CLI on SRX @15.1X49.
You need to create a temp folder and mount the drive there. Follow this example: http://kb.juniper.net/InfoCenter/index?page=content&id=KB12880
View ArticleRe: Static route depending on vpn state?
If you can use the tunnel monitor function this will remove the route when the tunnel is down.
View ArticleRe: kernel: watchdog: Time since last watchdog
The log message you have posted is shorter than the example in the kb so you would need to shorten your match criteria. match "!.*Time since last watchdog*";
View ArticleRe: How do I configure DHCP option 43 byte-stream with the new JDHCP service
Hi, did this ever get resolved?
View ArticleRe: How to add huge list of ips to prefix-list using CLI
Hi, I've noticed the same behavior when loading to terminal from a Console connection, which is probably understandable due to the buffer getting full. It works fine from an SSH connection and when...
View ArticleRe: After a successful commit changes don't take effect
Pulkit, I tried the commit full, but it didn't work (I only waited a little over 1 min before resorting to a reboot). Model: srx220h-poeJUNOS Software Release [12.1X46-D50.4] The rules/policies are...
View ArticleRe: IPSEC site-to-site --> Traffic not go through tunnel every 7 days?
I can see you are using route based vpn. How have you configured the static routes to reach the remote subnets across the VPN?
View ArticleLogging NAT
Hi Guys, I would like to push NAT logs to my syslog server, I set logs type to any, but unfortunetly I can't see anything about NAT on my syslog server. syslog { archive size 100k files 3; user * { any...
View ArticleRe: Dynamic VPN, Pulse Secure Error 1453
Thank you joses, That didn't fix the problem either. Could this be related to the fact that I can't ping by public IP address? Is there any reason I wouldn't be able to ping by public IP based on the...
View ArticleRe: Slow Site to Site VPN tunnel
Did you test transfer rate after by passing the IPSec? It could be some other issue. What proposal/proposal-set are you using ? I'd suggest to try different protocols. Thanks,MYN
View ArticleRe: Duel IPSec VPN (Active/Backup)
Though I've not tested on policy based But I'd suggest to use dead-peer detection under IKE Gateway ( define the public IP of remote site) and VPN monitoring under [edit security ipsec vpn] ( define...
View ArticleRe: Logging NAT
NAT logs are not separate but part of the overall policy flow logs. You need to enable logging on the security policy that will permit the NAT flow. Then add the flow logs to your syslog feed. There...
View ArticleRe: Dynamic VPN, Pulse Secure Error 1453
Hello , I see that you have enabled ICMP on ge-0/0/0 and it should be pingable . Also I do not see any NAT configuration so NAT is also not messing the HTTPS request or ICMP request . Can you confirm...
View ArticleRe: Is it guarentee ISSU chassis cluster upgrade no downtime?
Hello , Actually not tested with VRRP , hopefully it may be due to the same , since VRRP is used for intra chassis redundancy and ISSU upgrade downtime is based in inter chassis . So may be if you have...
View ArticleRe: What list of service that need to reboot the SRX?
Hello , You are correct , if you swap out any cards in Node1 you have to reboot only Node1 . No reboot of both nodes require .
View ArticleRe: How to use USB memory on Junos CLI on SRX @15.1X49.
Hi GENC, Just to elaborate what spuluka has mentioned.If you want to mount the usb using JUnos CLI, first create a a temporary folder where you would like to point your mounted usb:%mkdir...
View ArticleRe: SRX300 series VLAN interface
Hi Regalis, Make sure that all the physical interfaces which are configured under this vlan are up.There is a known issue that irb interface does not work when one of vlan members is down and will be...
View ArticleRe: What list of service that need to reboot the SRX?
Hi Joses, Noted. Thanks for your feedback.
View ArticlePort Mirror configuration on SRX5800?
Hi all, When i look into this url http://kb.juniper.net/InfoCenter/index?page=content&id=KB21842&actp=search i'm confius on step 7. It said need reboot. Another question do we need to assign...
View ArticleRe: Port Mirror configuration on SRX5800?
The reboot is only required if you change the mirror port between layer 2 and layer 3. So if the port stays the same mode, for example a layer 3 ip address, then no reboot is needed to change which...
View Article