Re: [j-nsp] st0.13 Interface won't come up - ipsec VPN issue

Hi, Can you name the hardware? SRX ? Anything interesting in log files? (Have you turned on traceoptions? ) Are ike sa and ipsec sa up ? On Thu, Sep 14, 2017 at 2:14 PM, sameer mughal wrote: > Hi Team, > > I was disable st interface and when I am going to active this interface, it > won't comi

[j-nsp] SRX240H-POE and SRX240H (non poe) cluster

Hi folks, Is it possible to configure chassis cluster between srx240h-poe and srx240h models? I know, that in chassis cluster scenario all hardware and software should be identical (also card placement), but still, at this moment, no other hardware is available. Is it possible ? Thanks, Misha __

Re: [j-nsp] Srx 240 ipsec site to site

Sorry, I missed that both sides have dynamic IP addresses. My fault : ) ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Srx 240 ipsec site to site

Hi Aji, Take a look at AutoVPN. Some links about it: General info Overview and Configuration

Re: [j-nsp] Srx 240 ipsec site to site

And forgot to mention, that you can establish tunnel to remote site, with dynamic IP address using aggressive mode. You will not need dyndns for this. Regards, Misha ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman

Re: [j-nsp] Security-flow TCP idle timeout at SRX

As Anton mentioned, you should use custom defined application in security policy. Or you can alter default application, by creating custom application, by the same name. (for example: set applications application junos-http protocol tcp destination port 80 inactivity-timeout 84600) This method allo

Re: [j-nsp] Junos spanning-tree patch cost method

Hi there, Not sure about changing path cost method on juniper, but if you are connecting with cisco switches, you can use "spanning-tree pathcost method long" on Cisco. So, cost calculations on cisco and juniper will be identical. On Fri, Jan 11, 2013 at 12:09 PM, Michael Radits < michael.rad...@n

Re: [j-nsp] SRX NIC Teaming

Sorry, I misunderstood your question first time. Aggregating ports from different SRXes in cluster, do not works. Regards, Misha ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] SRX NIC Teaming

If memry serves, swithing in cluster mode is added in newer junos versions. from 11.x ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] looking for jncie-sp study follow

AFAIK, Proteus has workbook for jncie-sp, and they do bootcamps as well. Check proteus.net for more details. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] ex vstp and cisco pvst

Hi there, If I remember correctly, vlan1 do not works well between C and J. due to mac address mismatches in BPDU. Use edge ports on acess ports to prevent unwanted calculations, Use spanning tree pathcost method long on cisco to adjust costs. And use rapid pvst on Cisco. HTH. Regards, Misha On Ap

Re: [j-nsp] Regular maintenance advice

Hi Skeeve, I think, forwarding messages to syslog server, will avoid rutine of logging on device. rsyslog or syslog-ng with web interface and mysql backend will allow your support to search for desired messages using web UI. For uptime and disk usage - I think, that snmp is the best way. On Apr 3,

Re: [j-nsp] console switch to access juniper devices

Opengear is our console server of choice :-) It Has all the features we want and is stable. On Mar 31, 2012 7:52 PM, "Sachin Rai" wrote: > > Thank you everyone for sharing your thoughts. They will really help me. > > > > > Date: Fri, 30 Mar 2012 21:33:25 -0400 > > From: ja...@freedomnet.co.nz >

Re: [j-nsp] SRX gui

Hi David, about your question on bigger ones: I recently used j-web on srx 3k and it is slow... I cant compare j-web performance between branch and DC series. Never used jweb on branch.. On Mar 6, 2012 5:53 AM, "David Klein" wrote: > > > Just curious about your experiences with the SRX J-Web GU

Re: [j-nsp] PVLAN for tagged VLANs on EX4200

Hi There, Currently I'm trying to configure private vlans on EX 4200. Requirement to configure private vlans accross switches is to have junos 10.4R1, seefollowing link: http://www.juniper.net/techpubs/en_US/release-independent/junos/topics/concept/ex-series-software-features-overview.html#layer-2-

Re: [j-nsp] NSM API resources with SRX

Agree with Pavel about nsm, Have a question about SPACE, Is it better to manage SRXes with space? Have not tried space yet. On Jan 23, 2012 11:04 AM, "Pavel Lunin" wrote: > Only thing I can say is SRX managed with NSM (manually) is a total mess, > much like any other JUNOS device. > > To be hones

Re: [j-nsp] Time-of-day based traffic conditioning

Hi there, on SRX/J series you can use schedulers and apply schedulers to security policies. On EX there are stateless filters and do not know if they support such thing. Regards, Misha On Jan 10, 2012 6:30 AM, "Dale Shaw" wrote: > Hi all, > > Does anyone know of a way to enforce traffic policing