Hello the List,
I have a problem with an redundant interface reth2.
I think the configuration is right, but I can't ping the @ IP
The physical link is up, but the redundant interface is not enabled.
How can I do, to have the reth2 physical link enabled ?
Thanks for your help.
Roland DROUAL
I want to add:
The interface reth2 is connected to an interface ge-0/0/21 on a switch
EX4200.
The interface is in trunk mode. (it's the same if the interface is in
access mode).
This interface ge-0/0/21 is UP.
Thanks for your help
Roland DROUAL
titi@AS-EX4200-01# show interfaces ge-0/0/21
Did you create the reth interface with:
set chassis cluster reth-count 3
The reth-count needs to be at least 3 since numbering starts at 0.
Thanks,
Ben Boyd
--
Sent from my iPhone 4s
On Jun 11, 2012, at 5:49, roland DROUAL roland.dro...@paris.iufm.fr wrote:
Hello the
On 6/11/12 5:49 AM, roland DROUAL roland.dro...@paris.iufm.fr wrote:
Hello the List,
I have a problem with an redundant interface reth2.
I think the configuration is right, but I can't ping the @ IP
The physical link is up, but the redundant interface is not enabled.
How can I do, to have the
Thank you.
I typed:
set chassis cluster reth-count 5
and my config is right now.
I lost my chassis-cluster 2 weeks ago with 5 reth, and I don't know why
the new config was with reth-count = 2
It's OK now,
Thank you
Roland DROUAL
Le 11/06/2012 14:08, Clay Haynes a écrit :
Can you run a
Hello the List,
I have a problem to ping a node on internet.
From INSIDE network, I can ping a node on DMZ network.
From DMZ network, I can ping a node on INSIDE network
From the SRX650 , I can ping a node on INSIDE network, and a node
on DMZ network.
From the SRX650 , I can ping
oh ! I'm very tired.
You are in right. I forgot the source nat rules, for my inside IPs @ (private
@)
I will config them tomorrow morning.
But I can't understand why , from a node on the DMZ (193.48.41.194, a public @)
I can't ping a node on internet.
In fact, in a first time, I began to
Hi everyone,
I have a question regarding managing policies among multiple sets of
firewalls. I don't know what industry standard / best practice is for
managing rules among multiple devices.
Currently our office has an srx cluster, site A has an edge srx cluster and
core srx cluster, and site B
Morgan- I would take a good hard look at Junos Space's Security Design package.
Its has centralized address books, tier'd policy management, config management,
and VPN tools (among a ton of other features), all from a single pane of
glass. Ask your reseller for a demo or check it out online.
Hi Morgan,
I have a question regarding managing policies among multiple sets of
firewalls. I don't know what industry standard / best practice is for
managing rules among multiple devices.
If there is an industry standard, no one in any industry I've worked with is
aware of it ; )
I don't
While I agree space is a decent viable option there are lots of
limitations and caveats around the Space security designer product.
Test it throughly before buying and know how it acts and what it does
that will not work in your environment.
Another thing worth mentioning is SD has been out less
Ben,
let me introduce you to my little friend called the global address
book. Introduced in 11.4.
set security address-book global address p1 192.168.1.13/32
-Tim Eberhard
On Mon, Jun 11, 2012 at 7:04 PM, Ben Dale bd...@comlinx.com.au wrote:
What would really help though is if Junos allowed
Nice - Thanks Tim!
The 11.4 release note for this feature and what it means doesn't read half as
well as they should ; )
Now if only there was a release of 11.4 for SRX that didn't make baby kittens
cry!
On 12/06/2012, at 10:08 AM, Tim Eberhard wrote:
Ben,
let me introduce you to my
On Mon, Jun 11, 2012 at 5:04 PM, Ben Dale bd...@comlinx.com.au wrote:
What would really help though is if Junos allowed multiple address-books
to be bound to a single zone - that way, SRXs buried deeper in your network
would have access to all address-book entries on a single upstream zone
Hi Wayne,
Thanks for this - that's actually a really good solution I hadn't even
considered - I can take it a step further and use wildcards on the zone to
solve my multiple address-book on a single zone request:
set groups HQ-UNTRUST-HOSTS security zones security-zone * address-book
address
On Mon, Jun 11, 2012 at 8:14 PM, Ben Dale bd...@comlinx.com.au wrote:
Hi Wayne,
Thanks for this - that's actually a really good solution I hadn't even
considered - I can take it a step further and use wildcards on the zone to
solve my multiple address-book on a single zone request:
set
16 matches
Mail list logo