Routers / Juniper VDSL for 30a Profile
« Last post by sg4rb0 on March 19, 2017, 05:09:14 pm »

I'm trying to find out if Juniper actually sell any PIM cards that do the 30a VDSL profile, which operates at 200Mbps? Cisco have them available, part NIM-VAB-A. But I don't see any competition from Juniper, and I'd ideally like to use Juniper.

Routers / Juniper Software
« Last post by sg4rb0 on March 19, 2017, 05:08:37 am »

I am new to Juniper, but I'm thinking of buying the SRX110H2-VA. I just need some clarification before I buy one. I am a home user, and not part of a company that owns Juniper kit. My worry is that, if it's anything like Cisco, you would need a J-TAC reseller to give you access to the software page. However, I intend to purchase this 2nd hand hardware from eBay, so would I still be able to download the software for it?

Have you tried something like this?

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-dss

I find that from modern Linux systems I need to explicitly enable support for older SSH options in order to get into my SSG5 and SSG320 systems.

NetScreen and SSG/ISG Series Firewalls / packet dropped, Tcp seq check failed
« Last post by rjuniper on March 14, 2017, 11:33:40 am »
I am troubleshooting a NetScreen to NetScreen packet routing issue where one of the NetScreens is dropping a packet with this message:

****** packet decapsulated, type=ipsec, len=56******
  ipid = 28750(704e), @05f64a64
  existing session found. sess token 4
  flow got session.
  flow session id 52158
  flow_main_body_vector in ifp ethernet0/2 out ifp N/A
  flow vector index 0x107, vector addr 0x3f29334, orig vector 0x3f29334
  adjust bi-directional vpn tcp mss.
  tcp seq check.
  packet dropped, Tcp seq check failed
  **** pak processing end.

When I check the NetScreen configuration on both sides, I can see that TCP Sequence Checking has been disabled:

get config | inc seq
unset flow no-tcp-seq-check

get config | inc syn
unset flow tcp-syn-check

Is there another hidden setting I need to change to get the packet to pass?

NetScreen and SSG/ISG Series Firewalls / Request ScreenOS 6.3.0r3 for ISG1000
« Last post by Juanjoli on March 10, 2017, 03:43:35 am »
Currently, we have acquired an ISG1000 and it has the 5.3.0r3 version, and we need to get the 6.3.0r3 version in order to form a cluster with another ISG1000.

We have tried to obtain this version on the Juniper Support website but it is not available (it's data from 2010).

We have read that it is necessary to upgrade to the 5.4.0r8 version first.
Could someone provide us these versions for ISG1000 (6.3.0r3 and 5.4.0r8)?
Could someone provide the upgrade guide for 6.3.0r3?
Thanks in advance.

Switches / interface configuration display
« Last post by kevinitjuniper on March 07, 2017, 03:46:15 am »
On an EX switch, I try show config interface ge-1/0/0.0 but it only shows me the "family ethernet-switching". How do I display the configuration of a specific interface? Thanks

SRX Platform and J-series / vSRX and ESXi - VLAN tag or multiple NICs
« Last post by norbs on March 06, 2017, 12:53:21 am »

We are doing some testing with vSRX in our ESX cluster and are wondering if it is better to assign multiple interfaces to a vSRX (limited to 10) or use a single interface and use vlan-tagging.  Any downsides to using vlan tagging? Limitations to the number of VLANs? We are planning to use a dvSwitch with trunk port group that has a range of vlans 3000-3099 and maybe use 10 or so VLANs.

Thanks !!
Hello everyone,

I have a NetScreen 5400 with M2 management module.
At login via the CLI the following message appears: "PCI Master Data parity error on Req queue read". I can log in and execute commands but the message keeps popping up continuously. In addition, CPU usage remains above 70%. There are not any errors in the log. I reset the device and downgraded the firmware but the problem persists.

Does anyone know how to solve this problem? Can it be a hardware problem of the management module or of another module installed? Maybe a software problem?

Thank you for your answers. I need help!!
Routers / Configuration archival via http on SRX routers and EX switches
« Last post by cyril on March 01, 2017, 05:17:29 am »
According to this article, it is possible to configure configuration archival via http. However I failed to make this work. It seems that the router can't even send an http request (tcpdump doesn't show any activity on the destination) in spite of the configuration being checked and successfully saved.
Here are the show versions of my router and switch, their config and the only log messages I get concerning this problem:

Code:
Hostname: od-office-gw0
Model: srx210he2
JUNOS Software Release [12.1X44-D50.2]

Hostname: od-office-gw1
Model: srx210he2
JUNOS Software Release [12.1X44-D50.2]

Code:
Hostname: switch0
Model: ex2200-48p-4g
JUNOS Base OS boot [12.3R11.2]
JUNOS Base OS Software Suite [12.3R11.2]
JUNOS Kernel Software Suite [12.3R11.2]
JUNOS Crypto Software Suite [12.3R11.2]
JUNOS Online Documentation [12.3R11.2]
JUNOS Enterprise Software Suite [12.3R11.2]
JUNOS Packet Forwarding Engine Enterprise Software Suite [12.3R11.2]
JUNOS Routing Software Suite [12.3R11.2]
JUNOS Web Management [12.3R11.2]
JUNOS FIPS mode utilities [12.3R11.2]

Code:
configuration {
    archive-sites {
        "http://juniper@" password "$9$bGY4ZHqfn/tUj/tuOcSwYg"; ## SECRET-DATA
I've also tried this:
Code:
configuration {
    archive-sites {;

Code:
Feb 28 18:07:31  od-office-gw1 logger: transfer-file failed to transfer /var/transfer/config/od-office-gw1_juniper.conf.gz_20170228_155614
Feb 28 18:07:31  od-office-gw1 pfed: Error <256> uploading file '/var/transfer/config/od-office-gw1_juniper.conf.gz_20170228_155614'. Remaining retry attempts = 2, retry in 595 seconds...
SRX Platform and J-series / unset log for policy
« Last post by Marco_75 on February 17, 2017, 07:51:47 am »
Hello, can somebody please tell me how I can disable the logging for a dedicated policy on the GUI for an SRX3600?
Doing it with J-Web takes much time.

Thanks in advance
