IPv6 Tacacs+ Support (tac_plus)
cooperleesRecently @ Facebook we found that we required IPv6 access to TACACS for auth (AAA) for the majority of our production Network Equipment. Tacacs+ (tac_plus) is an old daemon released by…
RANCID with Junos Read-Only User
Here is the setting for a Junos device to create a user with read only privileges to allow RANCID to work. set system login class RANCID permissions access set system…
Updating Juniper QFabric
The follow post shows output obtained and the upgrade process performed recently on a clients QFabric system. This output was captured updating from 12.2X30 to 12.2X50 Junos release via a…
SRX Branch Chassis Cluster Ports
Here is a table of the ports that are used for chassis cluster control link and management ports on Branch SRX devices. The quoted ports are the 'stand alone' non…
Backup your Junos configs TODAY !
Cooper's tip of the moment, ALWAYS backup your Junos configurations. Hate when a customer does not, your router does not have raid (unless it has redundant REs, VC or is…
QFabric Part 1 – Explained and Explored First Hand
I was lucky enough to be one of the first APAC partner engineers to get my hands on Juniper's new QFabric gigantic scalable switch technology. I have even beat some…
Junos Aggregated Ethernet w/LACP and Cisco Nexus Virtual Port Channel
So when I was googiling around looking for working configurations of Junos (EX in this case) AE working with a Cisco vPC (Virtual Port Channel) I could not find any…
Juniper SRX Screens + Dynamic VPNs
Little tip with SRX Dynamic VPNs and 'security screens' on the VPN's ingress zone I stumbled across during my JNCIE-SEC study. UPDATE (20120401): Seems Juniper has addressed and fixed this bug ...…
Valentines – Junos Style !
Awesome - This would get the chicks ...
Microsoft NPS Server + Juniper JUNOS VSA
A lot of companies run Microsoft's Active Directory AAA infrastructure. A nice add on to AD (apart from my favorite 'Services for UNIX') is the Network and Policy Server (NPS). Using…