12-07-2009 03:06 PM
I received the "I Love JUNOS Software" stickers. Thanks!
THANKS for the Free Training Materials and the Free Exam Voucher!!!
I successfully passed the JNO-342 exam and am awaiting my JNCIA-ER certificate.
JNCIS-ER and JNCIA-EX are next.
12-16-2009 10:17 AM
I have took 2 exams thanks to fasttrack vouchers, and I have passed them thanks to the study materials and free dumps available online . Now I am JNCIA-ER and JNCIS-ER.(with 100% discount).
I would like to receive the 'I Love JUNOS' stickers ....because I am really lovin it!!
Thanks a lot for introducing this offer!
12-16-2009 05:00 PM - edited 12-16-2009 05:01 PM
Congratulations on earning Junos based certs!! We're almost out of stickers so shoot me an email at email@example.com and I'll get them in the mail.
05-17-2011 11:09 PM
This is my first time posting a message in JNET and so I apologize if I am in the wrong board.
I am currently taking my self study for JNCIA and I am using 1 SRX100 for simulation. I am following the JUNOS Cookbook from Oreilly and I am now in firewall filter part.
my configuration is all default and my problem is below.
I set-up an IP address 10.1.1.1/24 to fe-0/0/2 and connect my laptop with IP of 10.1.1.2/24
root@router1# run show interfaces terse fe-0/0/2
Interface Admin Link Proto Local Remote
fe-0/0/2 up up
fe-0/0/2.0 up up inet 10.1.1.1/24
from the output, I am not sure if I should be seeing the 10.1.1.2/24 under the remote column.
but I supposed that by befault. all traffic should be accepted since I did not specidfy any filter.
when I ping 10.1.1.1 from my laptop. I am receiving a request time out. but when I execute "arp-a" I can see the
SRX100 fe-0/0/2 mac address registered to my laptop's mac address table.
I am not yet good in setting up zones in junos but if you think theres something missing in my test configuration,
I will appreciate any advise to make it work.
As I undeerstand,
05-18-2011 05:51 AM
You won't see the .2 address under remote. If your ping is failing you probably are running into a security issue. You may want to run the box wide open to start with. I would recommend reading the Juniper Day One guides but in the interim here are a couple of good commands:
user@host# set security policies default-policy permit-all <this command allows traffic flow across all security zones>
Within a zone you may want to set:
user@host# set security zones security-zone ZONENAME host-inbound-traffic system-services all
This will allow ALL inbound traffic <pings, ftp....> to the interfaces defined in the zone - or specify the specific traffic types....
Feel free to post your config! Also I would HIGHLY recommend you get the JUNOS Security book from O'Reilly and the JUNOS Enterprise Routing book. The cookbook is great but the Security book reflects all the needed material for working the newer flow based JUNOS that now runs and is geared specifically for the SRX solution.
Finaly you can run your SRX as a non flow based device and essentially turn off all flow based security by issuing the following command:
user@host# set security forwarding-options family mpls mode packet-based
Hope this helps you.