juniper

Juniper Firewall SRX240H Crashed with Error ‘nearing maxproc limit by uid 0,please see tuning(7) and...

南楼画角 submitted on 2019-11-26 16:26:42
One Juniper Firewall SRX240H had a serious crash. Manual reboot/shutdown did not work. To reset it, I would have to do a hard reset / power cycle of the device. It would allow logging in from the console, but you won't be able to see any configuration. Here is the output from this crashed Juniper SRX240H console:
{secondary:node0}
[email protected] > show interfaces terse
Interface               Admin Link Proto    Local                 Remote
fxp0                    up    up
fxp0.0                  up    up   inet     10.9.1.11/24
fxp1                    up    up
fxp1.0                  up    up   inet     129.16.0.1/2
                                   tnp      0x1100001
fxp2                    up    up
fxp2.0                  up    up   tnp      0x1100001
gre                     up    up
ipip                    up    up
lo0                     up    up
lo0.16384               up    up   inet     127.0.0.1

Juniper Space License Issue on Citrix Xen Environment

孤者浪人 submitted on 2019-11-26 16:24:45
Based on Juniper's “Junos Space Virtual Appliance Installation and Configuration Guide”, JunOS Space “must deploy the virtual appliance on a VMware ESX, VMWare ESXi or KVM server, which provides a CPU, hard disk, RAM, and a network controller, but requires installation of an operating system and applications to become fully functional.” In my test environment, one JunOS Space has been installed on a Citrix Xen environment and it was working fine until we tried to import a license. The license was generated from the Juniper License site and emailed to us in a txt file. It used to work on another

Juniper Space Security Director Policy Hit Counts Not Updated Automatically

六月ゝ 毕业季﹏ submitted on 2019-11-26 16:23:31
Issue Symptoms: Normally, each firewall rule on the SRX auto-updates an SNMP counter for hit-count, regardless of whether ‘count’ is configured or not. Juniper Space Security Director periodically polls these OIDs and updates the hit-count. In Juniper Space 16.1 R1, the issue found is that policy hit counts cannot be viewed from Juniper Space Security Director, although the SRX itself keeps updating them.
Actions Taken: Verify Security Appliance Policy Hits from the command line
[email protected] > show security policies hit-count
node1:
--------------------------------------------------------------------------

Juniper vSRX Firewall (Firefly Perimeter) installation in ESXi and Managed by JunOS Space

被刻印的时光 ゝ submitted on 2019-11-26 16:21:31
For how to install JUNOS Space Virtual Appliance at ESXi 5.5, please check my previous posts: “Install JUNOS Space Virtual Appliance at ESXi 5.5”; “Installation of Junos Space Security Director and Managing Juniper Firewall”; “Juniper vSRX Firewall (Firefly Perimeter) installation in ESXi and Managed by JunOS Space”; “Import Existing Juniper SRX Cluster into JunOS Space Security Director”. Juniper Firefly Perimeter, also called vSRX, is a virtual firewall from Juniper’s SRX product line. Firefly Perimeter provides security and networking services at the perimeter in a virtualized private or public cloud

Juniper JunOS Space Upgrade Procedures from 14.1 to 16.1

北城以北 submitted on 2019-11-26 16:20:52
Usually you can easily upgrade an application from the Junos Space user interface. You must download the image file for the new version of the application, navigate to the Applications page (Network Management Platform > Administration > Applications) and select the application that you want to upgrade. From the right-click menu, choose Upgrade Application to upload the image file into Junos Space via HTTP or SCP. But upgrading JunOS Space to the latest version, 16.1, is different and it is not an easy task. There are many steps to follow, especially the last step to upgrade to 16.1 from 15.2R2. Here is

Add Juniper SRX Cluster into JunOS Space 16.1 Security Director

大兔子大兔子 submitted on 2019-11-26 16:20:50
My old post “Import Existing Juniper SRX Cluster into JunOS Space Security Director” was created based on Space 14.1 and SRX 11.x versions. Now both have been upgraded. Space NMP and Security Director have been upgraded to 16.1 (post is here). SRX240H has been upgraded to 12.1D46.55. Basically, all steps are similar except that the web interface is different. What you need to do is to configure your SRX cluster with a master-only IP on both nodes. The configuration should look like this:
[email protected] > show configuration
## Last commit: 2017-03-23 14:44:28 UTC by root
version 12.1X46-D55.3;

Set Juniper SRX into Debug mode when crashed

南楼画角 submitted on 2019-11-26 16:19:57
Recently, I experienced an SRX crash failure. The SRX 240H crashed and rebooted itself twice. At last, it came back to normal. While checking the system log, unfortunately I could not find any details or clues for this crash. The only clues are from the console screen. There are some dump messages showing up:
[email protected] >
NMI Exception on core:0
Watchdog status, core 0: 0xfffe6fffffb
FPA INT Summery: 0x0
Err EPC: 0x80745f50
Trapframe Register Dump:
zero: 00000000 at: 00000001 v0: 00000001 v1: 0000000e
a0: 000003e8 a1: 00000001 a2: ffff8010 a3: ffffffffd6f23176
t0: 00000208 t1:

Configure High End Juniper SRX 1400 as Chassis Cluster Steps

浪尽此生 submitted on 2019-11-26 16:18:38
There is a new project to configure a new pair of Juniper SRX1400 as a Chassis Cluster implementation for one of our customers. Juniper documentation does not have a clear guide for this 1400 device, although I did find some configuration guides for high-end devices. During setup, I was confused by the port numbers and the fab and control port connections. This post is used to record the steps I took to configure them.
root> show chassis hardware
Hardware inventory:
Item             Version  Part number  Serial number     Description
Chassis                                BH1014AA0023      SRX 1400
Midplane         REV 03   711-031012   ACDA5607          SRX1k Backplane
PEM 0

Archive Juniper STRM (IBM Qradar) Logs to remote server

﹥>﹥吖頭↗ submitted on 2019-11-26 16:16:39
Our Juniper STRM is running out of space after receiving more and more logs from the Check Point management server and Juniper NSM. Since my STRM 500 only has about 400G of storage capacity and there is no other way to get budget to upgrade it to another, more expensive model, I decided to manually archive some older data out of this box. The steps are quite straightforward: just find the log folders, tar them, and move them to a remote SSH server. 1. Current Situation: 88% of the disk has been used and it is going to stop receiving the logs and flows from sources. Also reports will not be able to generated

Monitoring Juniper SRX Firewall CPU, Memory and Flow Session Information from PRTG

泄露秘密 submitted on 2019-11-26 16:16:28
While using PRTG to monitor our firewalls, we found that by default it could not poll Juniper SRX’s CPU and flow information with the auto discovery method. From the command line, we are able to use the following SNMP MIB to get CPU, Memory and Flow Session information, but not directly from PRTG. PRTG is a powerful network monitoring tool for enterprises with the following features I like:
Easy to deploy, as it is said it can be installed in 2 minutes
Auto discovery methods to find monitoring elements.
Supports distributed implementation. You could install agents in multiple locations.
Support Multiple