Guys,
Can somebody please provide feedback of Junos 10.1R3.7 on SRX3600 (running
in chassis cluster)?
waiting for reply
thanks
Muhammad Fahad Khan
JNCIP - M/T # 834
IT Specialist
Global Technology Services, IBM
fa...@pk.ibm.com
+92-301-8247638
Skype: fahad-ibm
Hi folks,
I am trying to establish route based VPN between SRX3600(in Ch cluster) and
SRX210, but stuck in phase 2 (no proposal chosen)..
has any one experienced it??
thanks in adv
regards,
Muhammad Fahad Khan
JNCIP - M/T # 834
IT Specialist
Global Technology Services, IBM
fa...@pk.ibm.com
I had the same problem (between a SRX and a Cisco box).
It is most likely a mismatch between remote-net and local-net
configurations on each router.
Try to enable traceoptions.
edit security ike traceoptions
[edit security ike traceoptions]
set file size 1m
set flag policy-manager
set flag ike
mismatch between remote-net and local-net
can you elaborate ?
regards
Muhammad Fahad Khan
JNCIP - M/T # 834
IT Specialist
Global Technology Services, IBM
fa...@pk.ibm.com
+92-301-8247638
Skype: fahad-ibm
http://pk.linkedin.com/in/muhammadfahadkhan
On Wed, Sep 15, 2010 at 5:27 PM, Morten
If you fx. have defined
local-net 192.168.1.0/24 and remote-net 192.168.2.0/24 on one router
and local-net 192.168.2.0/23 and remote-net 192.168.1.0/24 on the
other.
Or application junos-ftp on one router and application any on the other.
The phase 2 part must be symetric.
But check the kmd
I donot have A/A in my env, and this is juniper's recommendation to upgrade
to 10.1R3
also can u further elaborate certain flow types
Thanks and regards,
Muhammad Fahad Khan
JNCIP - M/T # 834
IT Specialist
Global Technology Services, IBM
fa...@pk.ibm.com
+92-301-8247638
Skype: fahad-ibm
Flows that go in one direction, without return path traffic fail to flow
through the firewall, but work in 10.2
I've also found some other flow problems, and data-path debug usages issues
that are not working in 10.3. I rolled back to 10.2R2 last night.
What features do you require from 10.3
Hi Fahad,
Could you paste your 'ike' and 'ipsec' part of the configuration? And maybe
the policy configuration?
Most probably the problem is somewhere around 'proxy-identiy'.
regards,
On Wed, Sep 15, 2010 at 14:27, Fahad Khan fahad.k...@gmail.com wrote:
Hi folks,
I am trying to establish
Not having much experience with QOS other than accepting vendor/industry
recommendations, I used the exact steps in this document to set up a test.
http://www.juniper.net/us/en/local/pdf/implementation-guides/8010010-en.pdf
set class-of-service classifiers dscp branch_classifiers import
Hi Guys,
Is there a set speed for the st0 interface. The physical line is 100meg that
the st0 is bound to but I only seem to get 10meg out of it.
Any help appreciated.
Nick
--
This email and any files transmitted with it are confidential and intended
solely
Nick,
A secure tunnel interface is only as fast the entire network path end to
end. You can have a ST interface configured on a 100meg link but if the VPN
is over the internet and your internet connection is only 10meg...
If the secure tunnel (VPN tunnel) Isn't on your local lan and you're not
Hello,
I would like to enable IPv6 for subscribers connecting (PPPoL2TP) to our ERX310
(running 10.1.1).
I decided to use IPv6 local pool, the pool is configured and enabled service
dhcpv6-local.
What do I need to configure so the router will start assigning IPv6 prefixes to
the subscribers?
I
Is there a way to syslog a cspf or rsvp bandwidth reservation failure?
Maybe I'm just being really blind here, but I can't find a way to do it.
You can see these events in the cspf logs if you look at individual LSPs
with show mplslsp NAME detail:
1119 Sep 15 19:32:11.635 CSPF failed: no
Does it appear as 'dscp' in the config under [edit class-of-service
classifiers] after you pasted and committed? Or is it dscp-ipv6 there too?
If it says dscp, it sounds like a bug to me. *shrug*
David
On 15 September 2010 10:08, Bill Blackford bblackf...@nwresd.k12.or.uswrote:
Not
What I pasted below is from my EX 'sh class-of-service | display set'
So, no.
BTW,
EX3200-24T
10.0S6.1
-b
From: David Ball [mailto:davidtb...@gmail.com]
Sent: Wednesday, September 15, 2010 2:15 PM
To: Bill Blackford
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Class-Of-Service
15 matches
Mail list logo
