Tunnel between SRX's not passing traffic
Hello everyone!! I have a SRX210 here in my office, and I just setup a cluster of SRX340's at a client network. I setup a tunnel between them, using a working config example, and the IKE and IPSEC...
View ArticleRe: Tunnel between SRX's not passing traffic
Well it's fixed. Added one line to the config, which may or may not have done anything. Added the following to the ike gateway information, which wasn't necessary on any other connection:set security...
View ArticleRe: HSRP Feeds from ISP to clustered SRX 240 pair
There is a configuration example for the current SRX versions in the 2019 Junos Cookbook Connecting an SRX Cluster to a VRRP Router Download a free pdf copy on the forums...
View ArticleSRX300 firmware upgrade error
Hi SRX users, I just upgrade from junos-15.1X49-D150 to junos-18.2R3. after upgrade & boot. I get this boot error message: Mounted junos package on /dev/md1...OAutomatic reboot in...
View ArticleRe: SRX300 firmware upgrade error
Thereafter I found out that the error message, I would like to downgrade, here are the error message during the downgrade. root> ... add no-copy /var/tmp/junos-srxsme-15.1X49-D190.2-domestic.tgz...
View ArticleRe: SRX300 firmware upgrade error
Hello, wrote:Thereafter I found out that the error message, /config/juniper.conf:5721) syntax error at 'rfc-compliant' [edit system phone-home] 'rfc-compliant;' syntax errorValidation...
View ArticleSRX650 Upgrade Path
HI, I am trying to upgrade a dual site SRX650 A/P cluster from 12.1x44-d35.5 to 12.3x48-d85 and would like some advice on the incremental steps required? Any help geatly appreciated.
View ArticleRe: SRX650 Upgrade Path
You can directly upgrade in this path and there are two basic options. ISSU which generally will have no downtime but does have some caveats and risks as outlined in the procedural kb article....
View ArticleRe: SRX650 Upgrade Path
Thanks Steve, So just to be clear there is no requirement to incrementally upgrade in steps?
View ArticleRe: SRX650 Upgrade Path
Correct, you can jump up to three major Junos versions in one step.The major version is the first number.
View ArticleRe: SRX650 Upgrade Path
Quick note: SRX branch series (SRX100 -> SRX650) does not support ISSU upgrades. You can do "ICU" which limits your downtime to roughly 30 seconds. More information regarding ICU is found...
View ArticleRe: SRX650 Upgrade Path
Thanks all, Looking at the support page for the SRX650 it does show 12.3X48 as the recommended release but in the Software is shows JunOS 18.1 listed. Should I be updating to 18.1 to remain current?
View ArticleRe: SRX650 Upgrade Path
This looks like an error in the documentation. Junos 18.1 is not supported on the SRX650 device. Please go with Junos 12.3X48 which is the only currently supported Junos train on SRX650.
View ArticleSRX clustering over layer 2 network on CIsco 6500s
We have a pair of SRX4600s, and I can cluster them when directly connected, but they fail with the clustering is a layer 2 network carried over Cisco 6500 switches. The configuration looks like...
View ArticleRe: SRX clustering over layer 2 network on CIsco 6500s
Hi, Did you make sure IGMP snooping is disabled on the switches? Please also share: > show chassis cluster status> show chassis cluster information detail (this is a hidden command) When the Fab...
View ArticleRe: test config terminal syntax error on }
Yeah, Mac iterm2 seems to have an option in Edit > Paste Special > Paste Slowly, maybe I'll try that. Weird it worked the other day without doing this. Meanwhile, I can't really tell which } it...
View ArticleRe: SRX clustering over layer 2 network on CIsco 6500s
Could you take a port mirror on the Cisco switches to confirm if the traffic is crossing your switched network from side to side. This could help you to determine if the packets are actually dropped on...
View ArticleRe: (No) traffic through Dynamic VPN. Sometimes
A client update has been released: https://kb.juniper.net/InfoCenter/index?page=content&id=TSB17441&act=login100% broken connections so far in my testing. Curious to see if this update helps...
View ArticleRe: test config terminal syntax error on }
Hello, wrote: Is there some online way to test candidate configs to check for errors before pushing to a real box? Your options here are:1/ vSRX on own server, in AWS or Azure cloud - but then...
View Article