SRX Services Gateway
Highlighted
SRX Services Gateway

Unable to commit successfully on SRX-5600 cluster (error: failed to copy file '//var/etc/policy.id+' to 'node0')

‎08-26-2015 01:55 PM

Hi,

 

warning: request security internal-security-association refresh to take effect

node1:

configuration check succeeds

error: failed to copy file '//var/etc/policy.id+' to 'node0'

/config/juniper.conf:1508:(0) cannot use reserved identifier: junos-ssh

[edit applications application]

'application junos-ssh inactivity-timeout 60000;'

cannot use reserved identifier

error: could not set inactivity-timeout

warning: statement must contain additional statements

Rakik
3 REPLIES 3
Highlighted
SRX Services Gateway

Re: Unable to commit successfully on SRX-5600 cluster (error: failed to copy file '//var/etc/policy.id+' to 'node0')

[ Edited ]
‎08-28-2015 04:30 AM

Hello,

 

Can you share the output of 'show | compare rollback 1' & 'show | compare'?

 

Regards,

 

Rushi

Highlighted
SRX Services Gateway

Re: Unable to commit successfully on SRX-5600 cluster (error: failed to copy file '//var/etc/policy.id+' to 'node0')

‎08-28-2015 04:46 AM

Hi,

 

Are you trying to set the inactivity timeout on an SSH console session to the SRX itself? It looks like you have created an application "junos-ssh".   If so then remove that application as it is a reserved indentifier - junos-ssh.

 

Try the following:

 

 

user@srx# set system login class <name> idle-timeout <min>
MMcD [JNCIP-SEC, JNCIS-ENT, CCNA, MCP]
____________________________________________________

[Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too]
Highlighted
SRX Services Gateway

Re: Unable to commit successfully on SRX-5600 cluster (error: failed to copy file '//var/etc/policy.id+' to 'node0')

‎08-30-2015 11:29 PM

Hello Rakesh ,

 

Mainly this error is seen when the configuration file get corrupted and it messes the default application sets . We can rectify this or do quick fix . Quick fix will be to Remove all the Junos Config  ( rm -rf /config/juniper.conf* ) and  Do a commit full by pasting the current config to the device . Make sure that you have the config backup , in case we lose the config .

 

Other option will be to reimage the Nodes and reboot . Which can give you downtime.

 


Thanks,
Sam

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too .....
Feedback