Solved

SRX3400

Posted on 2013-01-09
1
518 Views
Last Modified: 2013-01-18
Hello everyone:

I have a question about Juniper firewalls.  We support SRX 3400 series of firewall.  The questions i have are the following:
 

1. How do i determine which interface is setup for management traffic fxp0?

2. We have a cluster of SRX3400 devices.  After bouncing both nodes, we've noticed that the rollback information (using show | compare) is not listed on node0.  How come the rollbacks are not listed on node0 and just on node1?  is there a safe way to get it back to node0 from node1?  does the rollback depend on the actual active node to have the rollback?

3.  Lastly, for the Juniper cluster failover, if an interface (let's say connected to a switch goes down), does it trigger failover?  I assume it would, but with our non-functional testing, we're seeing otherwise.  

Thank you everyone.

Your input is highly appreciated!!!


 

Thanks so much!!!


 

Anatoly
.
0
Comment
Question by:FREDARCE
1 Comment
 
LVL 18

Accepted Solution

by:
deimark earned 500 total points
ID: 38760643
Hi bud


1. How do i determine which interface is setup for management traffic fxp0?

fxp0 on an SRX3400 is a physical interface on the RE

2. We have a cluster of SRX3400 devices.  After bouncing both nodes, we've noticed that the rollback information (using show | compare) is not listed on node0.  How come the rollbacks are not listed on node0 and just on node1?  is there a safe way to get it back to node0 from node1?  does the rollback depend on the actual active node to have the rollback?

Not sure what you mean here bud.  If you reboot both nodes, what config are you looking at?  However, the basics are that the config is the same on both nodes, we basically configure the clsuter, which is shared between both nodes.

If that doesnt answer you, can you elaborate?

3.  Lastly, for the Juniper cluster failover, if an interface (let's say connected to a switch goes down), does it trigger failover?  I assume it would, but with our non-functional testing, we're seeing otherwise.

Cluster failover is definted within the redudnacy group section of the config.  We can assign weights to interfaces within each RG and should the weight of failed interfaces get to 255 then the RG will fail over from one node to the other.

If you can share the RG config, I can explain it to you.

HTH
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now