ScreenOS Firewalls (NOT SRX)
Reply
Contributor
sona
Posts: 25
Registered: ‎07-13-2009
0
Accepted Solution

Management access to Master&Backup juniper

Hi Expert,

I have two 520M juniper firewalls in HA(Master and backup)

Now I am about to configure monitoring tool to monitor both firewalls and wanna access to both firewalls for management purpose.

 

I have assigned IPs as follows:

Master juniper:

set interface ethernet0/0.4 ip 10.1.174.1/25
set interface ethernet0/0.4 route

set interface ethernet0/0.4 manage-ip 10.1.174.2


Backup Juniper:

set interface ethernet0/0.4 ip 10.1.174.1/25
set interface ethernet0/0.4 route

set interface ethernet0/0.4 manage-ip 10.1.174.3

  

The problem is I can only access to master juniper using "Manage IP-10.1.174.2".  At the same time I can't access backup juniper using "Manage IP-10.1.174.3".

  

 But If I manually change the backup juniper to act as a master, Then I can access the firewall using "Manage IP-10.1.174.3" but can't  access "Manage IP-10.1.174.2( now it's in backup juniper)".

 

Hence, I can only access to master juniper using "Manage IP". please help me to advice on what should I do to access both firewall at the same time.

 

Thanks in Advance!

 

Regards,

Sona

  

 

 

Distinguished Expert
spuluka
Posts: 2,567
Registered: ‎03-30-2009
0

Re: Management access to Master&Backup juniper

Here are the troubleshooting guides for management of nsrp clusters.  Follow down the list to the specific circumstances of your issue.  then there is a link to a kb article for each possible problem that walks you through the configuration adjustements needed.
 
Flow chart version:
http://kb.juniper.net/kb/documents/public/resolution_path/J_visio_kb11363.htm
 
Question/Answer version:
http://kb.juniper.net/InfoCenter/index?page=content&id=KB11363

Reference:
 
Here is the master troubleshooting guide for nsrp
http://kb.juniper.net/kb/documents/public/resolution_path/J_visio_NSRP_resolution_guide.ht

Steve Puluka BSEET
Juniper Ambassador
Senior Network Engineer - UPMC Pittsburgh, PA
JNCIA-ER JNCIA-EX JNCIS-SEC JNCIP-SEC
JNCIS-FWV JNCIS-SSL
MCP - Managing Server 2003 MCP - Windows XP Professional
MCTS Windows 7
http://puluka.com/home
Contributor
sona
Posts: 25
Registered: ‎07-13-2009
0

Re: Management access to Master&Backup juniper

Hi Spuluka,

Thanks for your reply.

really sorry....I forgot to tell you that...I can access both firewall from inside networks(without client VPN). But if I try to access the same from my Netscreen client VPN remotly, I can't access the backup firewall.

 

Checked Policy log in primary firewall and found  no return packet from Backup Manage IP.

 

Please help to advice...Thanks!

 

Sona

 

Contributor
hagbard
Posts: 61
Registered: ‎10-29-2008
0

Re: Management access to Master&Backup juniper

Please check KB11374

Contributor
sona
Posts: 25
Registered: ‎07-13-2009
0

Re: Management access to Master&Backup juniper

Vow!!...It's works now after issued this cmd "set flow mac-cache mgt"

 

Thanks U!..

Sona

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.