Solved

SRX3400

Posted on 2013-01-09
1
527 Views
Last Modified: 2013-01-18
Hello everyone:

I have a question about Juniper firewalls.  We support SRX 3400 series of firewall.  The questions i have are the following:
 

1. How do i determine which interface is setup for management traffic fxp0?

2. We have a cluster of SRX3400 devices.  After bouncing both nodes, we've noticed that the rollback information (using show | compare) is not listed on node0.  How come the rollbacks are not listed on node0 and just on node1?  is there a safe way to get it back to node0 from node1?  does the rollback depend on the actual active node to have the rollback?

3.  Lastly, for the Juniper cluster failover, if an interface (let's say connected to a switch goes down), does it trigger failover?  I assume it would, but with our non-functional testing, we're seeing otherwise.  

Thank you everyone.

Your input is highly appreciated!!!


 

Thanks so much!!!


 

Anatoly
.
0
Comment
Question by:FREDARCE
1 Comment
 
LVL 18

Accepted Solution

by:
deimark earned 500 total points
ID: 38760643
Hi bud


1. How do i determine which interface is setup for management traffic fxp0?

fxp0 on an SRX3400 is a physical interface on the RE

2. We have a cluster of SRX3400 devices.  After bouncing both nodes, we've noticed that the rollback information (using show | compare) is not listed on node0.  How come the rollbacks are not listed on node0 and just on node1?  is there a safe way to get it back to node0 from node1?  does the rollback depend on the actual active node to have the rollback?

Not sure what you mean here bud.  If you reboot both nodes, what config are you looking at?  However, the basics are that the config is the same on both nodes, we basically configure the clsuter, which is shared between both nodes.

If that doesnt answer you, can you elaborate?

3.  Lastly, for the Juniper cluster failover, if an interface (let's say connected to a switch goes down), does it trigger failover?  I assume it would, but with our non-functional testing, we're seeing otherwise.

Cluster failover is definted within the redudnacy group section of the config.  We can assign weights to interfaces within each RG and should the weight of failed interfaces get to 255 then the RG will fail over from one node to the other.

If you can share the RG config, I can explain it to you.

HTH
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
WatchGuard T50 - Internet Priority Based on VLAN or User 1 51
Cisco Router DMZ 5 90
Can't access router via web browser 21 97
Setting up static routes to  sonicwll 4 75
I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question