Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  Unable to manage device

    Posted 07-29-2009 01:45

    Hi all,

     

    I have a SSG5 device with 6.1 ScreenOS version. Device management is working OK (ssh, web...), but sometimes web management hang and I'm not able to manage the device anymore. I just can't connect to it. The IP address of my client computer has not changed. The only solution I found for the moment is to reboot the device. After that, I can connect to it again.

    That's a really strange problem. 

     

    Any ideas?

     

    Thank you,



  • 2.  RE: Unable to manage device

    Posted 07-29-2009 07:13
    Can you establish a remote client session (dial up user) and manage from the trusted side?


  • 3.  RE: Unable to manage device

    Posted 07-29-2009 07:53

    Hello,

     

    what is dial up user?

     

    management works well from trusted side. Sometimes the web-interface gets slow and management become impossible...

     

    I will try to upgrade to firmware v6.1.0r6 because I found the following issue on release notes:

    271129—Unable to manage device after the interface received many TCP out
    of order packets.

     

     

     

     



  • 4.  RE: Unable to manage device

    Posted 07-29-2009 21:10
    A dialup user is a vpn into the ssg-5 by a remote PC client through their internet service. Not necessarilly a real dialup user, but it is referred to that way by Juniper. It gives sales people on the road access to the trusted side, and thus the company network, assigning them an addy from a pool you define. It also gives you remote access to manage the device from the trusted side and allows you to turn off management from the untrusted side. You can make the box totally management dark from the untrusted side requiring all work to be done via a secure session. That's why I asked if you could manage from the trusted side. You could apply changes to make it unmanageable, and then back to manageable again to see if that clears the problem. If it does, then you have bug info for Juniper to work with.


  • 5.  RE: Unable to manage device

    Posted 07-30-2009 00:40
    Oh, ok Bill_G. Thanks for the explanation.


  • 6.  RE: Unable to manage device
    Best Answer

    Posted 07-30-2009 02:54

    Hello Newbie_6

     

    i think you should uograde your ScreenOS version i had meet a same mistake, you can see whiche Juniper recomande version and install it 

     

    thnaks



  • 7.  RE: Unable to manage device

    Posted 07-29-2009 07:50
    When you lose connectivity from the web do you also lose other forms of connectivity - IE ssh and console. If you don't have you tried to get into the box prior to a reboot and looking at the logs? That would be the first thing that comes to mind.


  • 8.  RE: Unable to manage device

    Posted 07-30-2009 00:38
    Hello muttbarker, I also loose ssh connectivity. I didn't try console. 😞 I'll try asap.