Jump to content


15
[Offer]

VSRX / Firefly



127 replies to this topic

#29 teamhardcore

teamhardcore

    Junior Member

  • Members
  • PipPip
  • 7 posts
  • 115 thanks

Posted 04 August 2013 - 04:04 PM

try add below command to both devices

set security zones security-zone untrust interfaces ge-0/0/1.0
set security zones security-zone untrust interfaces ge-0/0/1.0 host-inbound-traffic system-services ping
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services ping

Edited by teamhardcore, 04 August 2013 - 04:28 PM.


Thanked by 4 Members:
mbahgat , hellboy24 , eloobaby , Feb

#30 Feb

Feb

    Member

  • Members
  • PipPip
  • 42 posts
  • 3517 thanks

Posted 04 August 2013 - 04:29 PM

View Postteamhardcore, on 04 August 2013 - 04:04 PM, said:

try add below command to both devices

set security zones security-zone untrust interfaces ge-0/0/1.0
set security zones security-zone untrust host-inbound-traffic system-services ping
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services ping

it works like a charm

[email protected]> ping 10.10.10.2 rapid count 100
PING 10.10.10.2 (10.10.10.2): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
--- 10.10.10.2 ping statistics ---
100 packets transmitted, 100 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.461/2.359/56.122/7.161 ms

but if i move ge-0/0/0.0 to untrust i lost connectivity to host

thank you

Edited by Feb, 04 August 2013 - 04:35 PM.


Thanked by 2 Members:
Yashwantp007 , eloobaby

#31 NetworkRambo

NetworkRambo

    Juniper TE

  • Technical Expert
  • PipPipPip
  • 142 posts
  • 4444 thanks
  • LocationInsane in the brain

Posted 04 August 2013 - 05:02 PM

Ping is not allowed by default...

#32 teamhardcore

teamhardcore

    Junior Member

  • Members
  • PipPip
  • 7 posts
  • 115 thanks

Posted 05 August 2013 - 03:48 PM

View PostFeb, on 04 August 2013 - 04:29 PM, said:

it works like a charm

[email protected]> ping 10.10.10.2 rapid count 100
PING 10.10.10.2 (10.10.10.2): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
--- 10.10.10.2 ping statistics ---
100 packets transmitted, 100 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.461/2.359/56.122/7.161 ms

but if i move ge-0/0/0.0 to untrust i lost connectivity to host

thank you

This is a free gift from Juniper!
http://www.juniper.net/us/en/training/fasttrack/

Thanked by 2 Members:
Yashwantp007 , Feb

#33 fkhan

fkhan

    Junior Member

  • Members
  • PipPip
  • 1 posts
  • 15 thanks

Posted 21 August 2013 - 03:32 PM

How can i use this images, please anyone guide me

#34 NetworkRambo

NetworkRambo

    Juniper TE

  • Technical Expert
  • PipPipPip
  • 142 posts
  • 4444 thanks
  • LocationInsane in the brain

Posted 21 August 2013 - 03:50 PM

import one of the images into vmware (or another platform which can import ovf) and start using it :-)

please do some research on the Internet on how doing things.

#35 teamhardcore

teamhardcore

    Junior Member

  • Members
  • PipPip
  • 7 posts
  • 115 thanks

Posted 21 August 2013 - 04:11 PM

For Sec Track

Junosv firefly behaves like a normal SRX firewall

For ENT Track

delete security
set security forwarding-options family mpls mode packet-based

It will make it behaves like a router

Thanked by 1 Member:
gservetas

#36 noras902001

noras902001

    Newbie

  • Members
  • Pip
  • 0 posts
  • 72 thanks

Posted 24 August 2013 - 12:47 PM

Does any one succeeded connecting 2 Firefly VMWares Together to make just ping ?????
i do the previous notes the ping is ok but No OSPF adjacency , is there any additional steps to enable multicast for OSPF ??????

Thanks.

Edited by noras902001, 24 August 2013 - 01:05 PM.


#37 NetworkRambo

NetworkRambo

    Juniper TE

  • Technical Expert
  • PipPipPip
  • 142 posts
  • 4444 thanks
  • LocationInsane in the brain

Posted 24 August 2013 - 12:55 PM

of course... but by default ICMP is not allowed...

or you configure it in packet mode, or you allow the traffic in the zones

Cheers,
J.

Thanked by 1 Member:
Yashwantp007

#38 lambda

lambda

    Advanced Member

  • Members
  • PipPipPip
  • 53 posts
  • 17 thanks

Posted 24 August 2013 - 01:01 PM

Using VMWare ESXi (never used any other VMWare, not sure if it is the same), I just created a new VSwitch with a single port group that uses VLAN 4095. That VLAN means all VLANs. This allows you to use VLAN tagging on your Juniper VMs. For more info you can google VLAN Guest Tagging.

Thanked by 1 Member:
Yashwantp007

#39 NetworkRambo

NetworkRambo

    Juniper TE

  • Technical Expert
  • PipPipPip
  • 142 posts
  • 4444 thanks
  • LocationInsane in the brain

Posted 24 August 2013 - 01:09 PM

VMWare workstation doesn't offer the vswitch, but you can create lan segments (like vmnets but more and independent of vmnets) and use them to interconnect...
Also offering a vmware ESXi / vswitch solution to a persorn who can't get the fireflys to ping is like offering a race seat to a person who learns to drive... (bad me... shut up:-)

Also it should be noted that the light version, don't even support lan segments... you will need to use the vmnets but there are far too limited number, so there would go your segmentation.

Most of the time, the problem is with the security in the way...  but yeah of course if you don't connect things up correctly it doesn't work of course....

Cheers,
J.

Edited by NetworkRambo, 24 August 2013 - 01:11 PM.


Thanked by 1 Member:
Yashwantp007

#40 lambda

lambda

    Advanced Member

  • Members
  • PipPipPip
  • 53 posts
  • 17 thanks

Posted 24 August 2013 - 05:47 PM

It took me all day to figure it out :)

Thanked by 1 Member:
Yashwantp007

#41 vicky145872004

vicky145872004

    Junior Member

  • Members
  • PipPip
  • 9 posts
  • 10 thanks

Posted 15 September 2013 - 04:40 PM

I have hosted 9 VMs with VSRX, what will be the ram requirement for each vsrx..
vicky145872004, proud to be a member of IT Certification Forum since Dec 2008.

Thanked by 1 Member:
Yashwantp007

#42 vicky145872004

vicky145872004

    Junior Member

  • Members
  • PipPip
  • 9 posts
  • 10 thanks

Posted 15 September 2013 - 05:09 PM

View Postvicky145872004, on 15 September 2013 - 04:40 PM, said:

I have hosted 9 VMs with VSRX, what will be the ram requirement for each vsrx..
What is the difference in those 2 files.. what file should we use..
& RAM 256 is also not working..
vicky145872004, proud to be a member of IT Certification Forum since Dec 2008.

Thanked by 1 Member:
Yashwantp007



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Organization

Community

Downloads

Test Providers

Site Info


Go to top