SRX3400

Hello everyone:

I have a question about Juniper firewalls.  We support SRX 3400 series of firewall.  The questions i have are the following:
 

1. How do i determine which interface is setup for management traffic fxp0?

2. We have a cluster of SRX3400 devices.  After bouncing both nodes, we've noticed that the rollback information (using show | compare) is not listed on node0.  How come the rollbacks are not listed on node0 and just on node1?  is there a safe way to get it back to node0 from node1?  does the rollback depend on the actual active node to have the rollback?

3.  Lastly, for the Juniper cluster failover, if an interface (let's say connected to a switch goes down), does it trigger failover?  I assume it would, but with our non-functional testing, we're seeing otherwise.  

Thank you everyone.

Your input is highly appreciated!!!


 

Thanks so much!!!


 

Anatoly
.
FREDARCEAsked:
Who is Participating?
 
deimarkConnect With a Mentor Commented:
Hi bud


1. How do i determine which interface is setup for management traffic fxp0?

fxp0 on an SRX3400 is a physical interface on the RE

2. We have a cluster of SRX3400 devices.  After bouncing both nodes, we've noticed that the rollback information (using show | compare) is not listed on node0.  How come the rollbacks are not listed on node0 and just on node1?  is there a safe way to get it back to node0 from node1?  does the rollback depend on the actual active node to have the rollback?

Not sure what you mean here bud.  If you reboot both nodes, what config are you looking at?  However, the basics are that the config is the same on both nodes, we basically configure the clsuter, which is shared between both nodes.

If that doesnt answer you, can you elaborate?

3.  Lastly, for the Juniper cluster failover, if an interface (let's say connected to a switch goes down), does it trigger failover?  I assume it would, but with our non-functional testing, we're seeing otherwise.

Cluster failover is definted within the redudnacy group section of the config.  We can assign weights to interfaces within each RG and should the weight of failed interfaces get to 255 then the RG will fail over from one node to the other.

If you can share the RG config, I can explain it to you.

HTH
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.