CHASSISD_IPC_CONNECTION_DROPPED The chassis process (chassisd) dropped its interprocess communication (IPC) connection to the indicated component (field-replaceable unit, or FRU). The message is logged whenever the interprocess connection to a component is terminated or reset. This message reports an event, not an error. Examples of possible entries in the system message … [Read more...]
End User Frequently Asked Questions (FAQ) for Junos Pulse
Below you will find some of the most common questions end users ask about Junos Pulse; including related links to FAQs on using Junos Pulse with Apple iOS, Google Android, or BlackBerry devices. This article is not intended to address questions that might be raised by an SSL VPN administrator. After upgrading to Junos Pulse iOS 2.0r2 (build 8993), my client won't start … [Read more...]
FAQ – SA SSL VPN client component deployment
This article reviews frequently asked questions (FAQs) and useful information for those who either install, uninstall, or upgrade Junos Pulse or Secure Access (SA) legacy client components on client machines, and who may or may not have administrator permissions or privileges for their system. What should I know when installing, uninstalling, or upgrading Junos Pulse or … [Read more...]
SSL VPN : Java 7 Update 51 may block older versions of Juniper’s SSL VPN Java Applets
This article describes the impact of Java 7 Update 51 on older versions* of Java Applets used by certain client components of Juniper's SSL VPN solutions (JSAM, Juniper Setup Applet, Junos Pulse Collaboration, Network Connect, Premier Java RDP Applet). * Prior to: SA 7.1R17 SA 7.3R9 SA 7.4R7 SA 8.0R1 According to the information available on this Oracle blog, after … [Read more...]
Network Security FAQ: Understanding Vulnerabilities The Need for Security
Network Security FAQ: Understanding Vulnerabilities The Need for Security Q1. What are the three common classes of attack? A. Access attack B. DoS attack C. Smurf attack D. Reconnaissance attack Answer: A, B, D. The three common classes of attack are access attack, reconnaissance attack, and DoS attack. Answer C is not a class of attack, but rather a type of DoS … [Read more...]
VRRP master-master state replication
VRRP master-master state replication Control packets are not being exchanged between master and backup because of faulty status. This article describes how to replicate a master/master state in VRRP. Control packets are not exchanging between master and backup because the current state is master/master, probably due to a mistaken firewall filter or packet loss among service … [Read more...]
Traffic loss during NS/NA process with the redundant link occurs when ECMP is used
This article describes the issue of users experiencing traffic loss, when ECMP is used on redundant links during the NS/NA process. Topology: -------------------------------------- 2001:10:2::/64, fe80::10:2:0:0/64 ge-2/1/0 - ::2 ge-/2/0/0 - ::1 +------------------+---------------+----------+ | Logical LR1 | | Master … [Read more...]
How to enable, monitor, and reset the application system cache and its associated counters
How to enable, monitor, and reset the application system cache and its associated counters. To enable ASC, use the following command: set services application-identification nested-application-settings application-system-cache To view and clear the ASC configuration and cache entries, use the following commands: show services application-identification … [Read more...]
How to filter predefined attacks and display predefined-attacks-group using CLI
This article explains how to use a hidden command to filter pre-defined attack objects and display the predefined-attacks-group, using the command line interface (CLI). There is no command to filter pre-defined attacks or to display the predefined-attacks-group in SRX. The only way to filter attacks is to use NSM or Junos Space, or parse the Signature file in … [Read more...]
How to debug output drops on Services PIC carrying CGNAT flows in AT&T SDG Consumer Neo Zones
This article explains what to look for when output drops are seen incrementing on the sp- interface on the MS-DPC cards carrying CGNAT flows in the SDG Neo Zones. Output drops were seen incrementing on the sp- interface serving CGNAT flows in the AT&T SDG Neo Zones. The sp- output interface counters (sp-3/1/0 in this case) represent the traffic that is sent by the PFE … [Read more...]