Thank you - the more that I’ve fought with it, I’m at the same conclusion.
I’ll try one of those out from your suggestion.
From: Job Snijders
Date: Friday, March 8, 2024 at 12:23 PM
To: Paulhamus, Jon
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] SRX345 Boot Problem
On Fri, Mar 08
Hello all –
I have an issue with an SRX345 that will not boot as the internal OS is
corrupted. I created a USB recovery stick from another SRX345 and can
successfully boot from it. When trying to write to the external USB stick to
the internal storage using this command, the device crashes.
Hello group -
Does anyone know how to, or if it's even possible to assign a gre tunnel
interface such as gr-0/0/0.100 to a logical system? The SRX5400 takes the
commands to assign the interface, but it never shows up in the logical system
after commit.
Any help would be appreciated.
Thanks!
Hello Group -
Is anyone aware of any optics for an EX4600 QSFP+ that reach 80km?
Thanks for the input.
Jon
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Here is a working config from an SRX connecting to a Cisco 2911 behind NAT -
GRE over IPSec. Some things removed - snipped out. IP's changed etc.
---
set interfaces ge-0/0/0 description ***INSIDE***
set interfaces ge-0/0/0 unit 0 family inet address 192
: [j-nsp] RTPERF_CPU
On 29/10/14 18:40, Paulhamus, Jon wrote:
>
> Seeing this on firewalls with very little throughput up through more than
> 2Gps of throughput.
Are you doing any AppXXX e.g. AppID, AppFW, etc.?
___
juniper-nsp mailing list ju
Hello group -
I'm hoping that someone may be able to shed some light on this for me -
I have 20+ branch SRX's from 100's through 650's - since moving to JUNOS
12.1X44 (subversion does not seem to matter at all) - getting tons of these
errors:
PERF_MON: RTPERF_CPU_THRESHOLD_EXCEEDED: FPC 0 PIC
We've used a combination of Cisco, Juniper and Finisar SFP's with only one
issue:
Some Finisar 1Gb will also operate at 4Gb in the EX4500's as they support
fiberchannel at 4Gb, and can't be "dialed-down". Depends on the model.
Cisco's have been fine.
-Original Message-
From: Mark Ti
Just a note -
I know that on some Cisco phones using EX2200-12C switches we needed to use
crossover cables to connect the phones.
That was in the release notes for the switches - at the time we were running
11.4R5.5
-Original Message-
From: Patrick Okui [mailto:po...@psg.com]
Sent: T
LinkedIn
Paulhamus Jon ha indicado que eres amigo(a).
--
Como eres alguien en quien confío, me gustaría añadirte a mi red.
Accept invitation from Paulhamus Jon
http
Hello Group -
>From Juniper's website:
http://www.juniper.net/techpubs/en_US/release-independent/junos/topics/reference/specifications/power-supply-ex3200.html
Power Supply in EX3200 Switches
The power supply in EX3200 switches is a hot-removable and hot-insertable
field-replaceable unit (FRU) t
Yes - it's usable with the AFL license, but I'm pretty sure on the EX2200, it
only allows 4 interfaces to participate in OSPF.
From: Bill Blackford [mailto:bblackf...@gmail.com]
Sent: Thursday, June 27, 2013 8:19 PM
To: Paulhamus, Jon
Cc: Doug McIntyre; juniper-nsp@puck.nether.net
S
We have well approximately 75 of the 2200's and closer to 250 of the 4200's /
4500's either standalone or in VC. A few bugs along the way with earlier
code - but now we've stuck with 11.4R5.7 code and all is well. I've mixed the
2200's with mostly Cisco, and 3com / HP and have had no issues
Hello everyone-
I have an EX4500 that has been throwing this error in the messages log every
few minutes for quite some time now (no regular time interval though). Does
anyone have any ideas? There is NO SFP+ in the port in question.
Jan 14 19:20:35 chassism[1092]:
cm_vchassis_optic_vcport_
I get sick of these idiots sending this...
Does Juniper have any protection they can offer the puck list? :)
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Same here - 95%of SFP's that I user are Finisar which you can find quite cheap
looking around - eBay. Never have had any issues with them, other than the
EX4500 with 1Gb SFP's - make sure that you have the 1Gb only model otherwise
the switch thinks they are 4Gb fiber channel SFP's.
Jon Pau
can't physically test it right now, but it commits ok.
test@test# show interfaces ge-0/0/10
ether-options {
802.3ad ae0;
}
test@test# show interfaces ge-0/1/0
ether-options {
802.3ad ae0;
}
test@test# show interfaces ae0
unit 0 {
family ethernet-switching {
port-mode
sounds like you're missing proxy arp entries for these addresses on your
outside interface.
such as:
set security nat proxy-arp interface ge-0/0/0.0 address 59.1.1.5/32
set security nat proxy-arp interface ge-0/0/0.0 address 59.1.1.6/32
Jon Paulhamus [CCNP, JNCIP-ENT, MCSE]
Assistant Directo
Hi Group-
I'm looking to see what others are using in EX switches for SFP's and SFP+'s.
Are most using Juniper optics, or some 3rd party. If some 3rd party, what
brand are you having the best luck with.
Any input would be greatly appreciated.
___
j
This is in the release notes for 12.1 now.
Generic routing encapsulation—EX3200 and EX4200 switches now support generic
routing encapsulation (GRE), a tunneling protocol to transport packets over a
network. You can use GRE tunneling services to encapsulate any network layer
protocol over any o
I have a pair of 650's clustered running 11.4R1.6
In 11.4, the cluster can support GRE interfaces - which I needed. No issues
with stability here.
-HTH
-Original Message-
From: Lee Hetherington [mailto:li...@kerfuffle.net]
Sent: Tuesday, April 03, 2012 3:54 AM
To: Jeff Rooney
Cc: ju
If it's in a 4 post rack, you can buy the 4 post kit.
EX-4PST-RMK
If not - you can turn the rack ears backwards, so the switch sits more centered
in the rack - although it will stick out further.
-Original Message-
From: Mike Williams [mailto:mike.willi...@comodo.com]
Sent: Wednesd
4 sizes -
50cm
1m
3m
5m
The cable that comes with an EX4200 is 50cm.
From: Keegan Holley [keegan.hol...@sungard.com]
Sent: Thursday, March 15, 2012 1:37 PM
To: juniper-nsp
Subject: [j-nsp] Stacking cable sizes
The juniper website doesn't seem to have e
Hi Paul -
In my experience, I have used a looback interface address of the SRX as the
destination of the GRE tunnel on both sides then just send the /32 route of the
loopback at the other end to the st0.0 address. I've always used OSPF to carry
the routes over the tunnel. The only other thin
Maryin [mailto:timamar...@mail.ru]
Sent: Saturday, January 14, 2012 1:18 PM
To: Paulhamus, Jon
Cc: 'juniper-nsp@puck.nether.net'
Subject: Re: [j-nsp] IGMP-Snooping problem
Hi,
Does that system uses multicat ?
If yes, this knob may be helpful^
http://www.juniper.net/techpubs/en_US
2.168.206.0/24
set interfaces reth5 unit 207 vlan-id 207
set interfaces reth5 unit 207 family inet address 192.168.207.0/24
Then, on the EX side - just simple trunk configuration permitting said VLAN's
for those ports?
Thank you again.
From: Павел Лунин [plu...@sene
[plu...@senetsy.ru]
Sent: Monday, January 16, 2012 3:58 PM
To: Paulhamus, Jon
Cc: Ben Dale; juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] SRX650 cluster - ethernet switching issue
The case what not that I was connecting end points directly to the SRX, it's
that I wanted 2 trunk links between eac
om: Pavel Lunin [mailto:plu...@senetsy.ru]
Sent: Monday, January 16, 2012 9:32 AM
To: Paulhamus, Jon
Cc: Ben Dale; juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] SRX650 cluster - ethernet switching issue
Sorry, missed this reply because of the new year holidays.
>> BTW, never could underst
Hi Group,
I have an issue with IGMP snooping enabled on EX switches that it's blocking IP
phones from booting. The phone system is a 3Com NBX system. When
IGMP-snooping is enabled, the phones will never register with the NCP -
disabling on that VLAN solves the issue, but I need IGMP snooping
ly in a cluster either - clustering of the
firewalls is soley for redundancy in my situation.
If you think there are better options, I'm opened to recommendations.
From: Павел Лунин [plu...@senetsy.ru]
Sent: Friday, January 06, 2012 5:45 AM
To: Paulhamus, Jon
Cc: Ben Dale; juniper-nsp@puck.ne
Hello group-
Can anyone guide me with configuring DHCP option 43 and option 60 using JUNOS
DHCP to properly configure Cisco AP's?I'm not able to make this work
correctly.
Thank you all,
Jon
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
.au]
Sent: Monday, January 02, 2012 5:18 AM
To: Paulhamus, Jon
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] SRX650 cluster - ethernet switching issue
Hi John,
>
> My issue is that I have 2 trunk links on each firewall passing completely
> different VLAN's but when I enable a
Hello group -
I have a pair of SRX 650's running in a cluster -
My issue is that I have 2 trunk links on each firewall passing completely
different VLAN's but when I enable any form of spanning tree, I'm seeing one of
those links blocked (3 out of the 4 links get blocked by STP). I've tried
r
I got clarification from JTAC on this one:
The 131,072 would be if you were using source NAT without translating the port.
Otherwise source NAT would be for 1024 pools * ~65,000 ports per pool.
Static translations - more than 6000 supported. I totally read this wrong - I
hope this helps some
Good evening all:
In regards to NAT on the SRX-650:
In the 11.2 release notes there is a table that states NAT Scaling:
SRX650 (High Memory)
MAX Number of IP Address Translations - 131,072
MAX Number of IP Addresses Supporting Port Translations - IP's 1,024
MAX Number of Source NAT Poo
I've heard from more than one Juniper employee to stay away from any client VPN
solution on the SRX's - period - so I've stayed with using Cisco ASA's and
IPSec or AnyConnect SSL VPN for our deployments.
From: Chris Gapske [cgap...@paducahpower.com]
If the design is that bad - use virtual-links. Usually there are not any good
reasons to do so. Area 0 must be the backbone, must be contiguous, and all
other areas should connect to it.
From: medrees [medr...@isu.net.sa]
Sent: Monday, September 12, 2
; Hi Jon,
>
> On 28/07/2011, at 1:15 PM, Paulhamus, Jon wrote:
>
>> Hello all -
>>
>> I am in the process of replacing an aging Cisco ASA-5540 with an SRX-650.
>> The ASA has a large number of static NAT translations, as well as many
>> outbound source NAT pools
Hello all -
I am in the process of replacing an aging Cisco ASA-5540 with an SRX-650. The
ASA has a large number of static NAT translations, as well as many outbound
source NAT pools. Does anyone have any suggestions on creating templates for
at least the statics that I need to recreate on th
39 matches
Mail list logo
