ScreenOS Firewalls (NOT SRX)
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
sona
Contributor
sona
Posts: 25
Registered: ‎07-13-2009
0
Accepted Solution

Management access to Master&Backup juniper

Options

‎03-27-2011 12:48 PM

Hi Expert,

I have two 520M juniper firewalls in HA(Master and backup)

Now I am about to configure monitoring tool to monitor both firewalls and wanna access to both firewalls for management purpose.

 

I have assigned IPs as follows:

Master juniper:

set interface ethernet0/0.4 ip 10.1.174.1/25
set interface ethernet0/0.4 route

set interface ethernet0/0.4 manage-ip 10.1.174.2


Backup Juniper:

set interface ethernet0/0.4 ip 10.1.174.1/25
set interface ethernet0/0.4 route

set interface ethernet0/0.4 manage-ip 10.1.174.3

  

The problem is I can only access to master juniper using "Manage IP-10.1.174.2".  At the same time I can't access backup juniper using "Manage IP-10.1.174.3".

  

 But If I manually change the backup juniper to act as a master, Then I can access the firewall using "Manage IP-10.1.174.3" but can't  access "Manage IP-10.1.174.2( now it's in backup juniper)".

 

Hence, I can only access to master juniper using "Manage IP". please help me to advice on what should I do to access both firewall at the same time.

 

Thanks in Advance!

 

Regards,

Sona

  

 

 

Message 1 of 5 (548 Views)
 
Reply
Distinguished Expert
Distinguished Expert
spuluka
Posts: 1,612
Registered: ‎03-30-2009
0

Re: Management access to Master&Backup juniper

Options

‎03-27-2011 04:44 PM

Here are the troubleshooting guides for management of nsrp clusters.  Follow down the list to the specific circumstances of your issue.  then there is a link to a kb article for each possible problem that walks you through the configuration adjustements needed.
 
Flow chart version:
http://kb.juniper.net/kb/documents/public/resolution_path/J_visio_kb11363.htm
 
Question/Answer version:
http://kb.juniper.net/InfoCenter/index?page=content&id=KB11363

Reference:
 
Here is the master troubleshooting guide for nsrp
http://kb.juniper.net/kb/documents/public/resolution_path/J_visio_NSRP_resolution_guide.ht

Steve Puluka BSEET
Juniper Ambassador
Senior Network Engineer
JNCIA-ER JNCIA-EX JNCIS-SEC JNCIP-SEC
JNCIS-FWV JNCIS-SSL
MCP - Managing Server 2003 MCP - Windows XP Professional
MCTS Windows 7
http://puluka.com/home
Message 2 of 5 (542 Views)
 
Reply
sona
Contributor
sona
Posts: 25
Registered: ‎07-13-2009
0

Re: Management access to Master&Backup juniper

Options

‎03-27-2011 11:27 PM

Hi Spuluka,

Thanks for your reply.

really sorry....I forgot to tell you that...I can access both firewall from inside networks(without client VPN). But if I try to access the same from my Netscreen client VPN remotly, I can't access the backup firewall.

 

Checked Policy log in primary firewall and found  no return packet from Backup Manage IP.

 

Please help to advice...Thanks!

 

Sona

 

Message 3 of 5 (533 Views)
 
Reply
hagbard
Contributor
hagbard
Posts: 59
Registered: ‎10-29-2008
0

Re: Management access to Master&Backup juniper

Options

‎03-28-2011 02:42 AM

Please check KB11374

Message 4 of 5 (524 Views)
 
Reply
sona
Contributor
sona
Posts: 25
Registered: ‎07-13-2009
0

Re: Management access to Master&Backup juniper

Options

‎03-30-2011 03:49 AM

Vow!!...It's works now after issued this cmd "set flow mac-cache mgt"

 

Thanks U!..

Sona

Message 5 of 5 (503 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.