SRX Services Gateway
Highlighted
SRX Services Gateway

SRX-300 J-Web ERR_TUNNEL_CONNECTION_FAILED https access

‎10-15-2019 02:36 AM

Hi There,

I am trying to access J-Web on my SRX, unfortunately when I try to https browse to it (I have tried Chrome and IE) I am unable to connect. For instance on Chrome I get the error ERR_TUNNEL_CONNECTION_FAILED. If I try to http to the device I get "Could Not Connect, Description: Could not connect to the requested server host." I can ping the device and SSH to it from my machine. I have tried restarting it and restarting the web-management service.

 

Has anybody seen this before?

Thanks for your Time!

4 REPLIES 4
Highlighted
SRX Services Gateway

Re: SRX-300 J-Web ERR_TUNNEL_CONNECTION_FAILED https access

‎10-15-2019 02:56 AM

Confirm that https is enabled with certificate under the system stanza.

 

And confirm that https is allows for the zone which the ip address is associated under

security zones security zone NAME_OF_ZONE host-inbound-traffic system-services

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Highlighted
SRX Services Gateway

Re: SRX-300 J-Web ERR_TUNNEL_CONNECTION_FAILED https access

‎10-15-2019 03:09 AM

Hi There,

Thanks for your quick response, I believe the config is correct, I have the following ( I am using interface ge-0/0/0.0)

 

networks@HVAR1> show security zones

Security zone: CLEAR
Send reset for non-SYN session TCP packets: Off
Policy configurable: Yes
Interfaces bound: 2
Interfaces:
ge-0/0/0.0
lo0.1

 

networks@HVAR1> show configuration system services web-management
http {
interface ge-0/0/0.0;
}
https {
system-generated-certificate;
interface ge-0/0/0.0;
}

 

networks@HVAR1> ...urity-zone CLEAR host-inbound-traffic system-services
all;
https;

Highlighted
SRX Services Gateway

Re: SRX-300 J-Web ERR_TUNNEL_CONNECTION_FAILED https access

‎10-16-2019 03:11 AM

yes, that config looks correct.   But you would need to add just http to system if you want unencrypted access to respond too.

 

What is the Junos version installed and the chrome version?

This might be a software bug.

or the browsers locking down ssl for self signed certificates but typically the give a different message for that.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Highlighted
SRX Services Gateway
Solution
Accepted by topic author NetworksJICT
‎10-16-2019 03:53 AM

Re: SRX-300 J-Web ERR_TUNNEL_CONNECTION_FAILED https access

‎10-16-2019 03:50 AM

Hi there,

Thanks for coming to my aid on this one! It was really just a human blunder....

 

I was connected to the device with a statically addressed LAN port on a laptop. Meanwhile the laptop was connected to our enterprise network via wireless, so I could remote into my laptop and work on the juniper from my main machine. The device didn't mind responding to ping or allow SSH while I worked in this manner. 

 

When I turned the wireless function off on the laptop and removed the proxy settings the GUI worked fine.  Its always the basic things.