RANCID with Junos Read-Only User
Here is the configuration for a Junos device to create a user with read-only privileges to allow RANCID to work.
set system login class RANCID permissions access
set system login class RANCID permissions admin
set system login class RANCID permissions firewall
set system login class RANCID permissions flow-tap
set system login class RANCID [ View Post… ]
Updating Juniper QFabric
The following post shows the output obtained and the upgrade process performed recently on a client's QFabric system. This output was captured while updating from the 12.2X30 to the 12.2X50 Junos release via a ‘Non Stop Services Upgrade’ (NSSU) method. This method is a very conservative approach that updates redundant components one at a time. The overall process is: [ View Post… ]
Juniper SRX Chassis Cluster RG0 Nagios Check
I was required to check (as this customer did not have a trap collector) which node was active for redundancy group 0 on an SRX cluster. So I thought I would check for an SNMP OID that is only presented by the active RG0 node. This script uses snmpwalk and is configured to use SNMP v2c [ View Post… ]
VMware Guest Consoles over a WAN with Latency
Have you ever used the VMware console over a WAN with latency and it enters multiple keystrokes into the console and makes using the console super annoying! It makes me HATE VMware and want to smash it into 10000 pieces with a baseball bat.
Well, the answer is to add a line to your [ View Post… ]
SRX Branch Chassis Cluster Ports
Here is a table of the ports that are used for the chassis cluster control link and management ports on Branch SRX devices. The quoted ports are the ‘stand-alone’, non-clustered port names (not node1’s port names once clustered). In an SRX cluster the PIM slots on node1 start at the last PIM slot of [ View Post… ]
Back up your Junos configs TODAY!
Cooper’s tip of the moment: ALWAYS back up your Junos configurations. Hate when a customer does not; your router does not have RAID (unless it has redundant REs, VC or is in a Chassis Cluster :)). It’s a built-in feature of Junos, so use it! It even allows multiple sites, so if you have DR [ View Post… ]
QFabric Part 2 – Let’s get Down and Dirty Deploying and Configuring …
Juniper is selling QFabric as a bundle. Because of this, the install has been templated and will be similar with regard to the control plane and getting the fabric up and ready to be configured for each target environment. Every QFabric bundle today must include Juniper Professional Services. Hopefully in the future I (and other [ View Post… ]
QFabric Part 1 – Explained and Explored First Hand
I was lucky enough to be one of the first APAC partner engineers to get my hands on Juniper’s new QFabric gigantic scalable switch technology. I have even beaten some of Juniper’s own SEs. In general, it rocks, but does have some features and fine tuning; this will come. This post is an introduction to [ View Post… ]
Junos Aggregated Ethernet w/LACP and Cisco Nexus Virtual Port Channel
So when I was googling around looking for working configurations of Junos (EX in this case) AE working with a Cisco vPC (Virtual Port Channel) I could not find any examples … So I said that I would post one. I will not be covering how to set up a vPC, if you’re interested in [ View Post… ]
Juniper SRX Screens + Dynamic VPNs
Little tip with SRX Dynamic VPNs and ‘security screens’ on the VPN’s ingress zone I stumbled across during my JNCIE-SEC study.
UPDATE (20120401): Seems Juniper has addressed and fixed this bug … More info: http://kb.juniper.net/InfoCenter/index?page=content&id=KB21713&actp=RSS
It seems you cannot have the ‘IP Spoofing’ screen enabled when sending IPsec Dynamic VPN traffic ingressing into the zone with [ View Post… ]