SRX Services Gateway
Reply
Contributor
shyan
Posts: 204
Registered: ‎08-07-2010
0

Re: SRX210 running 10.4 dynamic VPN license

Hi Cole,

 

The commands, clear security dynamic-vpn user <username> ike-id <ike-id>,  you posted is not supported in srx.

 

root@abo> show security dynamic-vpn users gs
                                                                         ^
syntax error, expecting <command>.
root@abo> show security dynamic-vpn users gs

 

I think you are worong

Best Regards,
Ghan Shyam
=========================
CCNA,JNCIA-Junos,JNCIS-SEC
=========================
www.gsraut.com.np



If this help to solve your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated.

Super Contributor
colemtb
Posts: 313
Registered: ‎09-30-2009
0

Re: SRX210 running 10.4 dynamic VPN license

[ Edited ]

EDIT, late night, even earlier morning...

 

remove the "s" from users.

 

admin@labgw-fw> show security dynamic-vpn users
User: mcole , Number of connections: 1
    Remote IP: 76.7.X.X
    IPSEC VPN: wizard_dyn_vpn
    IKE gateway: gw_wizard_dyn_vpn
    IKE ID   : mcolesrxlab
    IKE Lifetime: 28800
    IPSEC Lifetime: 3600
    Status: CONNECTED


admin@labgw-fw> clear security dynamic-vpn user mcole ike-id mcolesrxlab
Connection entry for user mcole has been cleared

admin@labgw-fw>

Contributor
shyan
Posts: 204
Registered: ‎08-07-2010
0

Re: SRX210 running 10.4 dynamic VPN license

Hi cobe,

 

root@abo> show security dynamic-VPN users
User: ghanshyam , Number of connections: 1
    Remote IP: 202.x.x.x
    IPSEC VPN: dynamic-VPN-dilip
    IKE gateway: dyn-gw-test
    IKE ID   : ghanshyam
    IKE Lifetime: 3600
    IPSEC Lifetime: 28800
    Status: CONNECTED

 

But the command, clear security dynamic-VPN ..........., doesn't work.

it look as when I entered

root@abo> clear security dynamic-VPN
                                                          ^
syntax error, expecting <command>.
root@abo> clear security dynamic-VPN

 

If u able to enter this command, why don't I  enter ?and like to post, I can't omit from 's' from 'users' without it shows as above.Just check this command once  again to conform

Best Regards,
Ghan Shyam
=========================
CCNA,JNCIA-Junos,JNCIS-SEC
=========================
www.gsraut.com.np



If this help to solve your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated.

Super Contributor
colemtb
Posts: 313
Registered: ‎09-30-2009
0

Re: SRX210 running 10.4 dynamic VPN license

It's case sens...  don't caps.  VPN.  just vpn.  dynamic-vpn.

Contributor
shyan
Posts: 204
Registered: ‎08-07-2010
0

Re: SRX210 running 10.4 dynamic VPN license

Again I am getting the same error

 

root@abo# run clear security dynamic-vpn
                                                     ^
syntax error, expecting <command>.
root@abo# run clear security dynamic-vpn

Best Regards,
Ghan Shyam
=========================
CCNA,JNCIA-Junos,JNCIS-SEC
=========================
www.gsraut.com.np



If this help to solve your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated.

Super Contributor
colemtb
Posts: 313
Registered: ‎09-30-2009
0

Re: SRX210 running 10.4 dynamic VPN license

Did you down-grade?

 

Platform, version?

Contributor
junostim
Posts: 25
Registered: ‎02-03-2011
0

Re: SRX210 running 10.4 dynamic VPN license

Just wanted to confirm that the clear command works for me running 10.4R2.7 on a SRX100

 

 

clear security dynamic-vpn user *username* ike-id *ike-id*

 

 

I found that if you just close access manager without disconnecting the license assignment seems to hang for a bit.  I've not tested for how long it hangs yet.  Could be a nasty issue if you have say a 25 user dynamic vpn license, and users are fond of just "x"ing out of access manager or just shutting down their PCs.

 

if I figure out why they hang or for how long I will post the results.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.