07-01-2012 08:53 PM
JNCIA-JUNOS, JNCIS-ENT/SEC, JNCIP-ENT
(CCNA, ACMP, ACFE, CISE)
CONNECT EVERYTHING. EMPOWER EVERYONE.
Share & Learn. Knowledge is Power.
"If there's a will, there's a way!"
08-10-2012 01:16 AM
I have contacted JTAC about the lack of support on the AX411. I have been trying to get a wall bracket, but its no longer on the partner price list. (if you are in the UK and have one to sell, please send me PM)
JTAC have told me its not EOL/EOS.....but I dont belive them.
I did some digging around and the AX411 run Linux. I have make a request for the source code so we the community can try to support ourselves.....as we cant do much worse than Juniper.
08-10-2012 06:26 AM
I too have now tried multiple AX411 wuth multiple SRX's , and am about at wits end , these products are simply not fit for purpose , i have had TAC calls open for over a month with seevral escalations and no real progress apart from a RMA offer which due to me having multiple AX411 wont solve anything.
Can anyone actually say that they have had any good experiences with this product ?
08-18-2012 07:40 AM
I have been incontact with Juniper Customer Services and I have been told that the AS411 is end of sale.
I pointed out that I had only just purchased my AX411 and that I would not have done so, if there were an EOS/EOL notice.
They were desperate to close this ticket off. I have pushed back to Juniper and asked for the source code.
I will update if Juniper bother replying.
08-24-2012 06:21 AM
AX411 is not EOLed. There is one issue that TAC and team are aware of and a script to schedule reboot of the AX once a week (or once a day) would be an option to consider; while the team works to resolve the problem.
We would encourage giving TAC the full detail on how to reproduce your issue, as this always helps. E.g. versions of AX and SRX, which SRX and how many AXs, how are they connected (direct or through switch), what is the AX configuration (CLI dump from SRX), how many days between issues, what kind of clients are connected, are there video streaming clients (such as wireless security cameras 24x7) etc etc. as you can understand RF troubleshooting is challenging and every detail helps.
e.g. I received a T410 from my office as a temporary replacement while they fix my current T410 - and my replacement T410 with identical h/w wouldn't connect to my home AP (3rd party consumer-grade wi-fi router at home). We tried all debugging, and only when we turned off the 11n-mode on my laptop chipset (intel 6200), that it worked. My original T410 connected just fine at 11n.
Phal @ Juniper
08-24-2012 06:32 AM
I Have had a case open with TAC for the last 3 months , and i am sorry to say we have identified 1 issue , but they cannot provide a resolution , and the other issue with dropouts is random , so difficult to pinpoint but you woudl have though 3 months woudl have been sufficient with almost unlimited remote access has been provided to TAC..
i am rebooting the customers AX411 using event scripts every evening , and even going as far to reboot the SRX once a week ...
12-20-2012 03:15 AM
Iin the moment that I decided I wanted to buy an AX411, after some good advice from my honest representative, I found this thread. I have to say it is a major disappointment to see that Juniper can build things that go so terribly wrong.
Is there any news? Is it a good idea now to get an AX411? The other possible solution I have been proposed, a WLA/WLC, starts to be a bit expensive for an access point.
12-20-2012 03:30 AM
Not much news (as far as I know)...
What you can do (we did a 'total-solution' calculation for a client) is look at the 'whole' picture.
Without the AX you might be able to select the Low-Memory variant of your Firewall (although you ofcourse will mis other features)...and then select WTL2 and a WLA532 AP.
Also look at the yearly support cost....WLC (ND) support is cheap, WLA is limited liftime (free) and AX is neither of them!
12-20-2012 03:46 AM
thanks for the info.
The WLA532 is exactly what I'm looking at, but with 450 Mbps I need gigabit ethernet, which means a WLC 800. That's quite a price.
12-20-2012 03:53 AM
I meant WLC2... ...sorry for the Typo!
Anyway, you'll need and a WLC and a WLA!
(so i purposed the combination WLC2 and WLA532)
However, why do you need a Gigabit input (WLC800) if you'r just installing 1 (or 2 AP's ?) even using wifi-N you won't profit from the input ?
12-20-2012 03:57 AM
I'm not sure of what you mean. Doesn't 802.11n go up to 600? And the WLA532 specifically to 450? I can't take advantage of it if I have 100 Mbit LAN. Or I am missing something?
12-20-2012 04:04 AM
I wouldn't count on those speeds...
Only if you go for 5Ghz (which is not yet support by all hardware) you sometimes can get into those (but only at close range of the AP / with almost no inteference!)
But if that's okay...indeed you would need the WLC800.
12-20-2012 05:18 AM
I started this thread oh so many months ago. Once I implemented a script to reboot my AX411 every night I considered the performance "acceptable"
But I recently swapped out our internal networks and dumped the 411 for a WLC2 controller and 532 Access Point and I could not be happier.
Dump the AX411 if you can!
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador
Juniper Elite Reseller
J-Partner Service Specialist - Implementation
If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
12-20-2012 05:37 AM - edited 12-20-2012 05:38 AM
User traffic doesn't have to flow through the WLC, you can use local switching and have it come directly out of the WLA.
12-20-2012 11:39 AM
Mike.S wrote:User traffic doesn't have to flow through the WLC, you can use local switching and have it come directly out of the WLA.
The WLA has one ethernet connector. Do you mean I can connect both the WLC and the WLA to the SRX?
That would be an option. I could get a WLC2 with a WLA532, taking full advantage of the 450 Mbps. When I have the hardware that can go to that speed :-)
12-20-2012 11:43 AM
This would require a SRX with 3 GB ports (1 Internet, 1 WLC, 1 WLA) and one more for your Wired network ?
Maybe, if you have a Gigabit switch already you can go for a SRX with only 2 GB's
(saves a bit ?)
1 Internet and 1 Uplink to your switch (with at least 3 vlan's: wired, management and wifi)
WLC & WLA can then both be connected in your GB switch
12-20-2012 02:57 PM
"Do you mean I can connect both the WLC and the WLA to the SRX?"
Yes. The WLC then doesn't need to go to a gig port, it's only dealing with control traffic. WLA into a gig port so it can support the full available bandwidth. You can drop off user traffic on a per service-profile level, so if you need a web-auth service for guests, that would be tunneled via the WLC (a possible bottleneck), but traffic for clients authenticated via 802.1x and/or PSK could be local-switched at full speed.