ScreenOS Firewalls (NOT SRX)
Reply
New User
Vasiliy Rudomanov
Posts: 3
Registered: ‎06-02-2011
0

Are exists Secure Port Modules (SPM) for Juniper ISG-2000?

Hello.

I want to find information about using Ethernet interfaces in ISG-2000 as link aggregation bundles.

Refer to Juniper ScreenOS Reference Guide, ISG-2000 supports this feature only for SPM modules and does not support that feature for I/O modules.

I tried to find any SPM modules for ISG-2000, but only I/O modules presents inside Juniper price-list.

 

Please help me to find Ethernet modules for ISG-2000 which supports aggregating.

 

Thank you.

Recognized Expert
aweck
Posts: 255
Registered: ‎07-24-2009
0

Re: Are exists Secure Port Modules (SPM) for Juniper ISG-2000?

Where did you read that link aggregation is not supported on the ISG2k I/O modules (link, page no.)?  All in-band interfaces on the ISG2k come from I/O modules, there are no built-in in-band interfaces on it.  Link aggregation is supported and possible on the ISG2k.

Juniper Elite Partner
JNCIE-ENT #63, JNCIE-SP #705, JNCIE-SEC #17, JNCIS-FWV, JNCIS-SSL
New User
Vasiliy Rudomanov
Posts: 3
Registered: ‎06-02-2011
0

Re: Are exists Secure Port Modules (SPM) for Juniper ISG-2000?

In the document "ScreenOS Concepts & Examples Reference Guide" in the part 11 "High Availibility" (http://www.juniper.net/techpubs/software/screenos/screenos6.3.0/630_ce_HA.pdf) on the page 57 you could find:

 

------------

Aggregate Interfaces

 

Some system platforms, such as the Integrated Security Gateway (ISG) systems and the NetScreen-5000 systems, allow you to combine the throughput of one or morepairs of physical ports into a single virtual port. This virtual port is known as an aggregate interface. Only Secure Port Modules (SPMs) support this feature, and you can only aggregate side-by-side ports that reside on the same module.

 

NOTE: Aggregation is not allowed across I/O modules 

-------------

 

So this is the reason why I asking you, technical community, where the truth? :smileyhappy:

Recognized Expert
aweck
Posts: 255
Registered: ‎07-24-2009
0

Re: Are exists Secure Port Modules (SPM) for Juniper ISG-2000?

Aggregate ports cannot be configured across I/O modules, but they can certainly be configured using ports within an I/O module.

Juniper Elite Partner
JNCIE-ENT #63, JNCIE-SP #705, JNCIE-SEC #17, JNCIS-FWV, JNCIS-SSL
New User
Vasiliy Rudomanov
Posts: 3
Registered: ‎06-02-2011
0

Re: Are exists Secure Port Modules (SPM) for Juniper ISG-2000?

Ok, thank you!

Now I got what the point inside this note.

But why there is a sentence "Only Secure Port Modules (SPMs) support this feature"? Is an I/O modules are SPM modules also?

Recognized Expert
aweck
Posts: 255
Registered: ‎07-24-2009
0

Re: Are exists Secure Port Modules (SPM) for Juniper ISG-2000?

SPM are the interface cards used on NS5200/5400 devices.  The other type of card for these devices are Management modules, which have a few built-in interfaces for OOB and HA.  So it is not relevant for ISG's.  All the I/O modules for ISG's support aggregate interfaces.

Juniper Elite Partner
JNCIE-ENT #63, JNCIE-SP #705, JNCIE-SEC #17, JNCIS-FWV, JNCIS-SSL
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.