Clik here to view.
Re: bfdd and mib2d shows over 7000 wcpu
Hi ,Actually we are using the srx 210 as external gateway and allowed the policy as untrust to trust any and in our core firewall srx 240 we allow only the things we want. After adding the policy in...
View ArticleRe: bfdd and mib2d shows over 7000 wcpu
Hello Gautam, I'm glad the issue is resolved. As you might already know, it is not recommended to allow all the traffic from Untrust to Trust and I guess due to that traffic rate went high on the SRX...
View ArticleClik here to view.
Re: bfdd and mib2d shows over 7000 wcpu
Hi ,I think the cpu utilization is not constant it came back again in syslog:
View ArticleRe: SRX flowd problem
I'm having trouble seeing the entire picture. Can you please provide config for your interfaces, routing-instances and routing-options as I cannot see which table from where vlan.3 and vlan.401...
View ArticleSRX1400 - lost "contact" to the SYSIO card in FPC0
Hello all, we are running two SRX1400 as a cluster.After running for quite some time without issues, suddenly the secondary node lost all his network interfaces.Checking the cluster hardware it seems...
View ArticleRe: SRX1400 - lost "contact" to the SYSIO card in FPC0
Hello Hermod, I would suggest to re-seat the SYSIO and if the issue persists again then RMA has to be initiated. Regarding Interface monitoring, Have you configured the weights properly? i.e. Your...
View ArticleRe: SRX1400 - lost "contact" to the SYSIO card in FPC0
Thanks for your reply.This is the requested output: set chassis cluster control-link-recoveryset chassis cluster reth-count 12set chassis cluster redundancy-group 1 node 0 priority 200set chassis...
View ArticleRe: SRX1400 - lost "contact" to the SYSIO card in FPC0
Hi Hermod, This seems like a strange issue. Even though the interfaces disappear on the secondary node, the jsrpd should trigger a failover. I have seen this behaviour in older Junos version where the...
View ArticleRe: SRX flowd problem
Yes of course# show interfaces vlan unit 3 family inet { filter { input lan-filter; } address 192.168.0.78/24;}# show firewall family inet filter lan-filterterm to-ftd {...
View ArticleRe: SRX flowd problem
Thanks for the configuration. It's like I suspected but good to get confirmed. First of all - to avoid any misunderstandings: firewall filters equals to access-list on eg. Cisco devices. The actual...
View ArticleRe: JWEB on SRX1500 using junos 18.4 cannot open?
The solution suggested by Nellikka fixed it for me.
View ArticleDHCP pool assign issue
Hi all ,I have a problem when config dhcp-local-server.I create 2 address-assignment pool , one for dynamic assign (guests) , one for static assign (servers or devices).Like this pool static{...
View ArticleRe: SRX flowd problem
wrote:3) Keep using your filter-based forwarding with a firewall-filter on vlan.3. It's perfectly fine, security policies are still evaluated. Remember - this is just changing your next-hop, not...
View ArticleRe: DHCP pool assign issue
Hi, The interface's subnet and DHCP pool IP addresses should be in the same subnet. From the below KB article, it is mentioned that "Clients are assigned addresses from pools with subnets that match...
View ArticleRe: DHCP pool assign issue
Ummm,But I set two IP in same interface , 192.168.1.1 and 192.168.2.1 , DHCP server on it too.
View ArticleRe: DHCP pool assign issue
pool static{ family inet { network 192.168.2.0/24; range static{ low 192.168.2.0; high 192.168.2.0; } dhcp-attributes { name-server {...
View ArticleRe: DHCP pool assign issue
In this case, I think SRX is using 192.168.1.1 as the Primary IP address and that's the reason IP address is assigned from this pool. If you would like to use 192.168.2.1 then you have to set the...
View ArticleRe: No Line End Character SRX240H2 latest firmware
Still the same problem with 12.3X48-D105
View Articlevpnc @ ubuntu IPSec VPN (dynamic) to SRX300
Hi ALL, I would like to setup IPSec client to site VPN with client Ubuntu 20.04 with vpnc. https://askubuntu.com/questions/488435/cisco-vpn-configuration-stepsI would like to know ... are there any...
View Article