Tag: vSRX

Junos: vSRX Interface Un-Alignment Recovery

Junos: vSRX Interface Un-Alignment Recovery

Please follow the below steps to perform re-alignment of the network interfaces on the vSRX appliance this can happen if you have been using a release older than D62

How to recover.
1.Shutdown node0 and node1
2. Remove all NICs
3. Power up node0 and node1 , when it reaches config loading power off node0 and node1
4. Add 3 NIC to node0 and node 1 and power on the nodes
5.Check the cluster status , node0 and node1 should see each other and fabric link should be up and working
If you require more network interfaces to be added to your appliance please follow the KB in the link below

http://www.juniper.net/techpubs/en_US/vsrx15.1×49/topics/task/configuration/security-vsrx-vmware-adding-interfaces.html#jd0e206

If you are making changes to network firewalls ensure that you have a backup and a revert plan as a pro-cautionĀ 

Advertisements
Junos: vSRX D62 Update Released

Junos: vSRX D62 Update Released

Okay the clustering bug fix has now been released please use the following links to download the update

https://download.juniper.net/cust-svc/srx/junos-vsrx-15.1X49-D62-domestic.tgz
https://download.juniper.net/cust-svc/srx/junos-vsrx-15.1X49-D62-domestic.tgz.md5

 

PR 1181269 – vSRX: Vmware interface reordering issues

PR 1201267 – High CPU % on httpd over Multiple Jweb sessions

PR 1228547 – SRX is not sending serial number to Policy Enforcer

PR 1214802 – Web Filter may crash with black or whilte lists

PR 1210689 – Anti-Malware connection failures after several RG0/RG1 failover

PR 1213584 – Reth interfaces that have only one link on one node may break sessions on failover and fail back

Junos: vSRX Cluster Gremlins

Junos: vSRX Cluster Gremlins

Okay so you can probably tell from the rest of the blog I work with Junos on a regular basis and I have found a bug that has been logged with Juniper that effects there current vSRX releases upto version D60. It would only effect your SRX if you running in chassis cluster mode and what would happen is that it would fail to detect the network interfaces

Anyway Juniper have agreed that it is an issue on there virtual appliance and a work around will be released hopefully the first week of December 2016

 

Junos: Hidden Commands Monitor Interface Traffic

Junos: Hidden Commands Monitor Interface Traffic

Found a useful command today that allows you to capture interface traffic and dum it into a pcap file and you can even view the content of the file within the SRX CLI

To Start Traffic Monitoring

user@srx>monitor traffic interface ge-0/0/1.0 write-file test.pcap

To View Capture File

user@srx>monitor traffic read-file test.pcap

 

 

 

Junos: Adding a new node to Chassis Cluster

Junos: Adding a new node to Chassis Cluster

Today I have been playing with the vSRX range from juniper and I had broken one of the nodes and instead of repairing the VM it was much easier to re-provision the vSRX VM and add it back into the configured cluster

So First of all spin up a new vSRX VM and run the following

# Enter Configuration Mode
Edit
# Goto Top of Configuration File
top
# Delete Entire Configuration
delete
# Add root password on the appliance
set system root-authentication plain-text-password
# Save empty configuration
Commit
# Exit to operational mode
exit
# Join node to cluster
set chassis cluster cluster-id <0-255> node <0-1>
# Perform Node Reboot
Request System Reboot

 

Once the node has rebooted check the cluster status by running the following command

show chassis cluster status