802.1-AE not working with EX4300
Hi,I’m currently trying to setup the macsec feature on a Juniper EX4300 switch. I successfully configured 802.1x, using CISCO ISE / Microsoft Radius / FreeRadius radius servers. On all of them the...
View ArticleRe: EX2200 lost management interface after ethernet loop
Just in case someone's watching, I found another switch in this state. From your list: 1) Yes2) No, times out3) See below4) No relevant logs (I found this switch many weeks after it went missing on the...
View ArticleRe: EX4200 boot problem tsec0: no hardware MAC address
Do you have another ex4200 that you can generate a snapshot to USB on? https://www.juniper.net/techpubs/en_US/junos/topics/task/configuration/ex-series-system-snapshot-boot-directory.html Then use this...
View ArticleRe: MCLAG between QFX10002 and QFX5100
Agree that it seems like a link failure issue. On the MC-LAG side what does this indicate:show iccpshow interfaces mc-ae and on all nodes what does this have:show lacp interfaces
View ArticleRe: MCLAG between QFX10002 and QFX5100
Hi Benjamin, This problem is expected behavior for Active Active setup. Add Static ARP at both the IRB interfaces then you should be able to ping both side: set interfaces irb unit XX family inet...
View ArticleRe: MCLAG between QFX10002 and QFX5100
I agree with Stefan. Unfortunately most of Juniper's MC-LAG documentation is either unclear or missing this important piece of information for that for all L3 IRB's that span the 2 x MC-LAG Core...
View ArticleRe: 802.1-AE not working with EX4300
Hello, Hope this link is helpful in explaining MACSEC requirements, licenses as well as limitations on EX4300. https://www.juniper.net/documentation/en_US/junos/topics/concept/macsec.html Regards, Rushi
View ArticleRe: 802.1-AE not working with EX4300
Hi, I went through that document when we decided to buy a macsec licence for the EX4300. I'm well past that point in my configuration. I did everything by the book and configured the switch acording to...
View ArticleACX5048 Analyzer down
Hi,I'm trying to get analyzer working on ACX5048.I have firmware 15.1X54-D60.9I am trying to sniff packets in my lab to try and figure out whats going wrong with the setup, but the analyzer is...
View ArticleRe: 802.1-AE not working with EX4300
Hello,Radius Server must meet following conditions: 1) Radius Server needs to be configured as the user database for 802.1X authentication.2) EAP-TLS authentication framework is required on a...
View ArticleRe: ACX5048 Analyzer down
Hello, Did you check this documentation? https://www.juniper.net/documentation/en_US/junos/topics/example/port-mirroring-local-qfx-series-els.html Regards, Rushi
View ArticleRe: 802.1-AE not working with EX4300
Quick question, if you do not use User Authentication via 802.1x, is the MACSEC client to switch working? What MACSEC SW are you using on the client side? People I have worked with on this, have not...
View ArticleVME virtual port?
version 15.1X53-D55.5 I'd like to be able to get into the management remotly using http or ssh.I have enabled both and applied an ip address to the management interface.I can use both the HTTPS or SSH...
View ArticleRe: VME virtual port?
Hello, VME port's use is entirely different. You can refer to the KB below for the same: https://kb.juniper.net/InfoCenter/index?page=content&id=KB11044 I don't think you can achieve what you want...
View ArticleRe: VME virtual port?
... agree as the VME is a VIP of all ME -ports but... if you want inband access you can create a L3-interface for a vlan using the irb (ELS-syntax) or vlan (EX syntax) interface.Together with a static...
View ArticleRe: ACX5048 Analyzer down
I had read that yes - thankyou.unfortunately it shows the target interface configured with ethernet-switching, which doesn't seem to be acceptable to the acx5k.I found the solution this morning by...
View ArticleRe: VME virtual port?
The physical management port on the back of your switch is called em0 on a QFX or EX4600 or me0 on an EX3200, 3300, 3400, 4200 or 4300. The port is only for out-of-band management meaning you cannot...
View ArticleRe: 802.1-AE not working with EX4300
I may have said things wrong. I am using 802.1x authentication on the switch. It works fine, and users get authenticated. I can see that both on the switch side and in the radius logs. When I try to...
View ArticleRe: 802.1-AE not working with EX4300
Which 802.1x supplicant are you using that supports MACSec? Cisco Anyconnect? I don't believe any of the major OSes (Windows 10, Mac OSX 10.10) have native support yet, except Linux with iproute2.
View ArticleRe: EX2200 lost management interface after ethernet loop
Can you provide the output of "show route" from the affected switch?
View Article