My previous post (Juniper SRX DB mode (Debug mode)) described a situation which is one of firewall cluster members got stuck into DB mode. Although it was fixed eventually by re-installed image, it was still failed again after a couple of months. RMA ticket created with vendor Juniper and a new device was issued by Juniper. This post recorded all…
Posts published in “Juniper”
An Intrusion Detection and Prevention (IDP) policy lets you selectively enforce various attack detection and prevention techniques on the network traffic passing through your SRX Series. The SRX Series offer the same set of IDP signatures that are available on Juniper Networks IDP Series Intrusion Detection and Prevention Appliances to secure networks against attacks. The basic IDP configuration involves the…
I have been dealing with Juniper SRX IDP error many times when NSM was been used. Mostly those errors are caused by corrupted signature DB or not enough storage space on SRX itself. Here is the latest one I encountered. Symptoms From Space, if I make a new change on firewall policy and push it to gateway, I will get…
During our regular maintenance, after rebooted one SRX345, and found it stuck at db mode, which is debug mode. After a short and quick analysis, I found Juniper JunOS devices may get stuck in the boot process or fail to boot the OS, in rare cases, after a sudden power loss or ungraceful power shut down. Juniper routers, switches and…
Issue Symptons: Normally, each firewall rule on the SRX auto-updates a snmp counter for hit-count, regardless of whether ‘count’ is configured or not. Juniper Space Security Director periodically polls these OIDs and updates the hit-count. In Junper Space 16.1 R1, the issue found is unable to view policy hit counts from Juniper Space Security Director, but SRX itself is…
Based on Juniper “Junos Space Virtual Appliance Installation and Configuration Guide” , JunOS Space “ must deploy the virtual appliance on a VMware ESX, VMWare ESXi or KVM server, which provides a CPU, hard disk, RAM, and a network controller, but requires installation of an operating system and applications to become fully functional.” In my test environment, one JunOS Space has…
My old post “Import Existing Juniper SRX Cluster into JunOS Space Security Director” was created based on Space 14.1 and SRX11.x version. Now both have been upgraded. Space NMP and Security Director have been upgrade to 16.1 (Post is here). SRX240H has been upgrade to 12.1D46.55. Basically, all steps are similar except the web interface is different. What you need…
Juniper Networks has a Day one book for ‘JunOS Tips, Techniques, and Templates 2011’ in Junos Fundamentals Series. To record some my own tips, I put them together in this post. Let me know if you have some more to share. 1. Find big size files find . -type f -size +10000 -exec ls -lh {} ; [email protected]% find .…
JunOS Space is in my environment and starting to replace NSM. I have played with in testing lab which recorded in my previous posts: Install JUNOS Space Virtual Appliance at ESXi 5.5 Installation of Junos Space Security Director and Managing Juniper Firewall Juniper vSRX Firewall (Firefly Perimeter) installation in ESXi and Managed by JunOS Space Import Existing Juniper SRX Cluster…