maybe you can try using another junos release like 10.4r5
we are using here with no problems
On Wednesday, September 12, 2012, Alberto Santos wrote:
Hey everyone,
I'm facing difficult times with srx5800 and snmpget.
I have a cluster which reports it is running over 100% CPU for it's RE0,
Hi all,
I'm trying to find a way to use an srx3400 as an intermediate box to
provide L2 connectivity between a couple of EX switches and a J2320.
This is just a short-term arrangement to get me out of a bind. If I
can't do it, it's not a big deal, I'll dig up a 3rd switch.
Essentially I want to
On Tue, Sep 11, 2012 at 02:35:08PM -0700, Morgan McLean wrote:
Is anybody having issues with twinax / DAC cables from juniper staying
secure? We run redundant L2 links just about everywhere so this hasn't
caused down time, but at least 7-8 times I've had a link to a switch go
down, usually at
People,
Dow anyone on list is using MX series as a BRAS box ?
We are looking forward some samples of configurations to apply shapping
rate using only radius variables.
We have found the configuration bellow ... but we did not find any
RADIUS dictionary to apply it.
The only way we found
hi everyone,
do SRX firewalls support a tap mode installation? Really just looking at it
for purposes of evaluation of IDP functionality where tap mode would be the
least intrusive method to see data vs having to put it inline (and then deal
with the inevitable you put a device inline and now
High end SRX's support tap mode. Branch as far as I know do not.
http://www.juniper.net/techpubs/software/junos-security/junos-security10.2/junos-security-swconfig-security/topic-45272.html
Hope this helps,
-Tim Eberhard
On Wed, Sep 12, 2012 at 10:33 AM, William McLendon wimcl...@gmail.com
hi Tim,
thanks for the response - but reading the description that sounds like the
firewall itself still has to be inline, which i'm trying to avoid here.
I guess what does the rest of the config have to look like for it to function
correctly off a span port? ie there wouldn't be any routing
Hi Dale,
I have never tried to do tranarent mode bridging on an SRX while converting it
to packet mode, so I am unsure if it can even be done. However, if you don't
mind the additional stateful processing why not just configure bridging and
then configure an any-any-any policy to allow
You can always create your own 'tap mode' by simply configuring Filter Based
Forwarding and shunting your selective traffic through your IDP. I did this all
the time in my previous life when dealing with security devices that couldn't
scale enough to place in-line.
Stefan Fouant
JNCIE-SEC,
Unfortunately, as far as I know, there's no ethernet-switching or
bridging capability on the high-end SRX that I know of, even though
the branch can do ethernet-switching.
-bn
0216331C
On Wed, Sep 12, 2012 at 1:14 AM, Dale Shaw dale.shaw+j-...@gmail.com wrote:
Hi all,
I'm trying to find a
Will,
Here is a config for using a port on a branch device as a packet capture
device. Port ge-0/0/1 is put into promiscuous mode (has to be a gig port
btw) and getting forwarded packets from a switch.
You need the:
forwarding-options {
packet-capture {
setting and the packet filter.
Hi all,
I'm after some advice on setting up nextgen multicast on an RSVP based
MPLS network.
The network is quite simple - MX5's with static lsp's, rsvp signalling
fast reroute.
But setting up multicast over this is not something I'm very familiar
with.
I've looked at the Juniper
12 matches
Mail list logo
