Management
Highlighted
Management

Adding an existing SRX Cluster into Junos Space

‎05-24-2013 09:01 AM

I know I may be all alone here; I feel like the first customer to be using Junos Space to manage some new SRX devices.   The documentation and available resources are absolutely awful!!  Okay, no more ranting. 

 

Has anybody had any experience discovering SRX clusters with Space?  Should I be discovering both devices using their individual management IP, cluster loopback, or the management master-ip?   The documentation only seems to discuss configuring a standalone device from a two-node cluster and takes you through the steps of converting your cluster into stand-alone devices. 

 

Thanks,

Nick

 

10 REPLIES 10
Highlighted
Management

Re: Adding an existing SRX Cluster into Junos Space

‎06-03-2013 06:46 AM

Hi Nick,

 

That's how I've done it.

 

Each member is discovered using their individual management IP.

Space initiates a SSH connection to both nodes in the cluster.

 

Under Platform->Device->Device Management, both members are listed,

Under Security Design-> Security Design Devices, the cluster will be referenced.

 

Regards,

Sam

Highlighted
Management

Re: Adding an existing SRX Cluster into Junos Space

‎06-03-2013 06:53 AM

Thanks for the feedback.  Getting my devices imported was a bit of a bumpy road, but now that they are imported and I worked through the imcompatibilities between the existing SRX and Junos Space security polices, I'm finally moving ahead.

 

Thanks,

Nick

 

Highlighted
Management

Re: Adding an existing SRX Cluster into Junos Space

‎01-17-2014 03:29 PM

Hello,

Did you document your steps? I am in need of information regarding how to move a SRX cluster from NSM to Space.

I will appreciate it if I can get some insight from you.

Actually when I am done here I will be writing a documentation to help others.

My email: sbnet1@gmail.com

Thanks

Highlighted
Management

Re: Adding an existing SRX Cluster into Junos Space

‎04-11-2015 10:12 AM

Hi,

 

I'm glad I found this topic online. I added the two SRX (which are configured in active/passive cluster) with their management IP addresses but when I check these devices in the security directory platform I can still see them as two seperate devices rather than as a cluster as you have mentioned. There are like zero documents referring how to add a cluster so I would really really like some help here. Am I missing something here?

 

Thanks in Advance,

Fathima

Highlighted
Management

Re: Adding an existing SRX Cluster into Junos Space

‎04-17-2015 09:57 AM

When you have configured the cluster, have you assigned a master-only IP address across the cluster and used that address for the discovery within Junos Space?

 

https://www.juniper.net/techpubs/en_US/release-independent/nce/information-products/topic-collection...

 

Regards,

Andy

 

 

 

Highlighted
Management

Re: Adding an existing SRX Cluster into Junos Space

[ Edited ]
‎04-23-2015 01:41 AM

Hi,

Thank you for your reply. I added the management IP addresses of each srx device. 

This is the link I had followed:

http://rtoodtoo.net/2013/09/21/how-to-add-an-srx-cluster-to-security-director/

 

Should I add/discover the device using the master-only IP address?

 

 

When I checked the device netconf response from the SRX i saw <virtual chassis> in the output. Should I remove the virtual chassis from the srx configuration? 

 

Thanka and Regards,

Fathima

Highlighted
Management

Re: Adding an existing SRX Cluster into Junos Space

‎04-27-2015 05:03 AM

Sorry for the late reply.

 

You should be able to discover the device using the master address.   I don't believe that you need to worry about removing any additional configuration, although I don't have access to a lab environment at the moment, so am unable to verify further for you at this time.

 

Once the active SRX has been discovered, if you failover the cluster,you should still see the SRX manged within Space, but the hostname will be automatically updated to reflect the current node that is being monitored.

 

Regards,

Andy

Highlighted
Management

Re: Adding an existing SRX Cluster into Junos Space

‎04-28-2015 06:03 AM

Hi,

Thank you for your response.

The SRX cluster is not configured with a master IP. 

I did delete the virtual chassis from the dvice but still with no avail.

I will check with my colleagues on configuraing a master only IP and try the steps you have mention.

 

Will let you know Smiley Happy

Regards,

Fathima Ali

Highlighted
Management

Re: Adding an existing SRX Cluster into Junos Space

‎04-28-2015 08:14 AM

Hi,

 

Good luck with the change.  If this still fails to detect the cluster properly, please post the configuration that you are applying for the master ip address and I'll take a look to see if there is anything out of place.  But I think that it should be relatively straight-forward.

 

Of course the real test will be to see what the behaviour is like with a failover of the cluster, but I'm confident that this will act properly once the discovery is performed based on the master address.

 

Regards,

Andy

Highlighted
Management

Re: Adding an existing SRX Cluster into Junos Space

‎07-30-2015 09:48 PM
Where is this in the documentation? This made discovery work much better.
Theodore E Van Iderstine
Stream Networks
+1 678 373 4200 x125
JNCIA-ER (expired), JNCIA-SSL (ditto)