SRX

 View Only
last person joined: 4 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Juniper SRX configure archiving to a FTP server

    Posted 11-17-2018 04:15

    Hi

    I have a problem when I commit new configuration My device connect to FTP server but does not logging to FTP server.

     

    Configuration:

    set system archival configuration transfer-on-commit
    set system archival configuration archive-sites "ftp://user:123456@192.168.5.79"

     

    set security zones security-zone Outside host-inbound-traffic system-services all
    set security zones security-zone Outside host-inbound-traffic protocols all
    set security zones security-zone Outside interfaces vlan.3 host-inbound-traffic system-services all
    set security zones security-zone Outside interfaces vlan.3 host-inbound-traffic protocols all

     

    and messages on FTP server:

    (000496)11/17/2018 14:40:18 PM - (not logged in) (192.168.254.2)> Connected on port 21, sending welcome message...
    (000496)11/17/2018 14:40:18 PM - (not logged in) (192.168.254.2)> 220-FileZilla Server 0.9.60 beta
    (000496)11/17/2018 14:40:18 PM - (not logged in) (192.168.254.2)> 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
    (000496)11/17/2018 14:40:18 PM - (not logged in) (192.168.254.2)> 220 Please visit https://filezilla-project.org/
    (000496)11/17/2018 14:40:37 PM - (not logged in) (192.168.254.2)> disconnected.

     

    Thanks for your help.

     

     



  • 2.  RE: Juniper SRX configure archiving to a FTP server

    Posted 11-17-2018 05:03

    What is the network path from the SRX interface on 192.168.254.2 to the 192.168.5.79 server?

     

    Is there a firewall that might inhibit the ftp connection?

     



  • 3.  RE: Juniper SRX configure archiving to a FTP server

    Posted 11-17-2018 05:25

    Thank you for your attention.

    What is the network path from the SRX interface on 192.168.254.2 to the 192.168.5.79 server?

    The SRX interface on 192.168.254.2 via a tunnel access to FTP server (192.168.5.79). There is no policy along the network path.

    I can telnet to FTP server via source interface Vlan.3 (192.168.254.2).

     

    Is there a firewall that might inhibit the ftp connection? no there isn't.

     

     



  • 4.  RE: Juniper SRX configure archiving to a FTP server

    Posted 11-17-2018 17:10

    Try changing from ftp to passive ftp.

    pasvftp://

     



  • 5.  RE: Juniper SRX configure archiving to a FTP server

    Posted 11-17-2018 22:00

    pasvftp://  => I do that, but doesn't loggin to FTP server.

    I tried a lot but failed.



  • 6.  RE: Juniper SRX configure archiving to a FTP server

    Posted 11-18-2018 06:01

    Can you do a packet capture on the ftp server to see what the final disconnect conversation gives as the reasons.

     

    There are not any other options we can change on the Junos side.  So we will need to look to what can be changed on the ftp server side.  The message is too generic and I'm not finding anything specific to act on there.