[j-nsp] Steel-Belted RADIUS backups

2013-08-29 Thread Dale Shaw
Hi all, Does anyone out there use SBR? We have the Global Enterprise Edition (GEE) version v6.1.7 running on Linux. I'm putting something in place to back up SBR itself; currently we just tar up /opt/JNPRsbr/radius (after stopping sbrd) but it's occurred to me that we have never tested a

[j-nsp] SRX's dynamic vpn

2013-08-29 Thread 徐见
Hi all: I have some questions about srx’s dynamic vpn. Suppose two user connected throught dynamic vpn, is there a configuration could make them access each other? I know the default setting can’t. If can’t do, is there office explain about the thory? And what about ssl vpn?

[j-nsp] SRX5800 - Security-Profile for Logical Systems

2013-08-29 Thread Ahmed -Y
Dear All, I configured couple of logical systems and there are going to be 10 to 15 more in future. I want to know what is the best practice when assign the resources e.g. policies, flow session etc. to logical systems. I am more concerned about CPU. Lets say i will enable only basic firewalling

[j-nsp] MPLS PEs out in the last-mile

2013-08-29 Thread Will Orton
I have found recently that we are pushing MPLE PE's closer and closer out towards some customers, which means sometimes across flaky RF and DSL last-mile type connections. Usually this is with small SRX's, to provide a managed-endpoint for L2VPN over nasty last-mile topology. Is there some way to

Re: [j-nsp] Steel-Belted RADIUS backups

2013-08-29 Thread Clay Haynes
How about a MAG running IC + RADIUS License? It's not FreeRADIUS :) In all seriousness perhaps you can script an export using the LDAP tools, and import that back in? http://www.juniper.net/techpubs/software/aaa_802/sbrc/sbrc70/sw-sbrc-admin/ html/LDAPConfig6.html#334279 On 8/29/13 5:10

Re: [j-nsp] MPLS PEs out in the last-mile

2013-08-29 Thread Mark Tinka
On Thursday, August 29, 2013 08:27:42 PM Will Orton wrote: Does it work to build the MPLS LSPs to endpoints learned over BGP instead of an IGP, since I need BGP to the local POP's RRs for L2VPN NLRI anyway? RFC 3107. But I'm not sure whether the SRX's support this. Mark. signature.asc

[j-nsp] SNMP Polling

2013-08-29 Thread Wan
Hi, Does polling many interface on Juniper MX will impact CPU/SYSTEM performance? We are using MX as BRAS and would like to pool all the subsciber interface utilization directly from PP0 interface. Can someone share interm of scaling, how many interface we can pool for traffic utilization

[j-nsp] Throughput monitoring on pp0 units (Branch SRX)

2013-08-29 Thread Andrew Jones
Hi, I'm trying to monitor throughput on individual pppoe connections on a branch SRX, using SNMP. For example, SRX110 with a PPP dialer on the DSL port and another PPPoE connection on an ethernet interface. If I monitor pp0, I seem to get the aggregate throughput, but if I monitor pp0.0, for