Re: SRX345 global trans mode to switch mode
Not an SRX expert by any stretch of the imagination but without IRB how are you connecting via SSH to the SRX to start with, is it via FXP0? If yes, then I believe (for sure?) that changing...
View ArticleRe: SRX345 global trans mode to switch mode
Thanks for Your reply - im connecting to SRX via lo0 interface will this change anything? I just need to be 110% sure that global-mode change will not cutt me off..And im only one person who do...
View ArticleRe: irb .vs l3-interface
I also have an out of box config. but I cannot assign the default vlan to irb.0 mbila@ex2300# set vlans default l3-interface irb.0{master:0}[edit]mbila@ex2300# commit[edit vlans default l3-interface]...
View ArticleRe: irb .vs l3-interface
irb is configured under interfaces set interface irb.0 look below. Although this is for MX should equally apply to newer EX models....
View ArticleRe: irb .vs l3-interface
in my config, I do have interface irb defined. I am not sure what to do with the article you state. do I need a bridge domain? I just want to route on the default vlan using all ports for ethernet...
View ArticleRe: irb .vs l3-interface
Checked deeper and looked at your config. You have no vlans configured underset vlans vlan-name vlan-id vlan-id Once done, and you can call the name Default if you like, then you can add l3-interface...
View ArticlePort Mirror on EX2200
Hi. I have what I believe is a correct port mirror (analyzer) config on my EX2200, however I do not see any traffic on the analyzer output port. Can someone make a suggestion on what the issue may be....
View ArticleRe: irb .vs l3-interface
That worked! Thank you very much. Just some feedback. The ezsetup does not work (command line or web). you will receive errors when trying to use the default vlan for management or dedicated management...
View ArticleRe: JFlow Support for EX and What is the Max Sample rate
HiI need to know what is the Max sflow/jflow Sample Rate of EX series. Can any one give me authentic link/doc. i need for tender complience. Regards,Rahim
View ArticleRe: JFlow Support for EX and What is the Max Sample rate
Here is the documentation for sflow on the EX switches. https://www.juniper.net/techpubs/en_US/junos14.2/topics/concept/sflow-ex-series.html...
View Articleae interface shutoff by storm control, how do i see which of its member...
Hi all I got an ae interface with about 8 member ports. For some reason storm control was triggered and the ae got shut down. I am looking at the logs and it only says when it was shutdown and only the...
View ArticleProblem with vlans merging one core to another core
So we have a COLO core in the 10.20.9.254/24, and we are moving the entire server farm attached to this core to our corporate MDF, which has a core of 10.11.9.254/24. I want to change the vlan IDs to...
View ArticleHi MC-LAG + VRF ?
Hi, Im curious is it possible to do MC-LAG with "Virtual router instance" beetwen 2 peering switch, i see an example doing mc-lag with vrrp to achieve active-active link, can i do it with virtual...
View ArticleRe: Problem with vlans merging one core to another core
Looks good, but you seem to have a typo in the last VLAN update set vlans UTILITY-233-MGMT vlan-id 233 set vlans UTILITY-33-MGMT l3-interface vlan.33should beset vlans UTILITY-233-MGMT vlan-id 233 set...
View ArticleRe: Hi MC-LAG + VRF ?
I'm not sure I understand the topology. But the questions seems to be can you treat an MC-LAG interface the same way you would treat an AE interface. In that case the answer is yes. The MC-LAG can...
View ArticleRe: Hi MC-LAG + VRF ?
In Active-active MC-LAG- we use to configure IRB interface for each vlan, now put eachIRB interface in serprate routing instance and your target is achieved.
View ArticleRe: Hi MC-LAG + VRF ?
Not sure which product you are talking about, but yes MC-LAG configuration can be used with type virtual-router or virtual-switch. Without doing something special, generally route leaking, but default...
View Articlebest practice for switch lockdown?
I have some ex2200 switches running 12.3. What is recommended practice for securing the switch such that unauthorised switches, WAPs, routers will be locked out if connected? ie; only permit end user...
View ArticleRe: best practice for switch lockdown?
Best resource for this is the free Day One book Hardening Junos Devices. The quick fix would be to concentrate on the firewall filter section that locks down access and ports on the switches for...
View ArticleRe: best practice for switch lockdown?
Hi, I believe there could be a couple of options:1. Basic port security https://www.juniper.net/documentation/en_US/junos12.3/topics/example/port-security-configuring.html 2. Network Access Control...
View Article