I've seen in Juniper SRX-650 documentations, that I have to configure ge-0/0/1 as the Control Port, ge-0/0/2 or ge-0/0/3 as Fabric Port, and ge-0/0/0 for Management, in case I want to have 2 appliances working as a HA cluster.
Now, I am a bit confused. Does this mean that if I only have the buil-in modules - i.e. no extra modules installed - then I'll loose 3 out of the 4 ports for HA and Management, and I'll only have one port left for traffic? Also, is it mandatory to have a dedicated port for management, or can I use ge-0/0/0 as a normal traffic port, and have in-band management?
Thanks a lot.
By the way, here you are the configuration guide I am refering to here.
Plus, it is mandatory that you have a management port configured on each device, so that you can manage them independently. You can use the LAN (reth) port for management, but if there is a failover you will only be able to get to the active reth interface.
There is no "management IP" command on the SRX like there is on ScreenOS (SSG).
As others have said, ge-0/0/0 will become fxp0 (management) as soon as you enable chassis cluster mode. You cannot configure the port as regular traffic port. As you surmised, this means you will have only 1 free GE port for user traffic. This is same for J-Series as well since J-Series also only has 4 onboard ports. SRX650 is best used with gPIMs to allow the amount of interfaces most deployments may need plus add ethernet switching features. The onboard ports are there if you need them but expectation is to use gPIMs for your traffic ports.
I am trying to configure two SRX650 in chassis cluster mode. After running the "set chassis cluster cluster-id 1 node 0 reboot" command on both SRXs im getting an error message that says ge-0/0/1 HA control port cannot be configured It does not allow me to commit any changes, thus i cannot continue.