SRX

Hi,

We have SRX340 in cluster. Please find below configuration  and suggest best practice for management insterface(available on the chassis)

set version 15.1X49-D120.3
set groups node0 system host-name SRX-A
set groups node0 interfaces fxp0 unit 0 family inet address 172.16.10.1/30  #(Controll link is configured on ge-0/0/1 and ge-5/0/1 interface)
set groups node1 system host-name SRX-B
set groups node1 interfaces fxp0 unit 0 family inet address 172.16.10.2/30

set system services web-management https interface fxp0.0

set interfaces fab0 fabric-options member-interfaces ge-0/0/0
set interfaces fab1 fabric-options member-interfaces ge-5/0/0
set interfaces fxp0 unit 0 family inet address 10.30.40.50/24 

Now i am able to access SSH through 10.30.40.50 IP but not getting https access.

Thank you..

did you try to access fxp0 via 172.x.x.x ip?

you may configure backup-router to make the network reachable via oob. follow the kb.

https://kb.juniper.net/InfoCenter/index?page=content&id=KB15580&actp=METADATA

Also, suggest you to use /28 instead of /30 in 172.x.x.x series.

Secondly, you may want to remove the config of [edit interfaces fxp0] to remove the conflict and try.

Did you try with system generated self-signed certifiate to access HTTPS.

And also use fxp0 group IP MGMT address for access and before remove global fxp0 IP. And also check the BACKUP router options for reachability to gateway.

You seem to have configured the fxp0 ports incorrectly under groups.

---these are setup to be some kind of routed link to each other instead of mgmt addresses to the rest of the network

set groups node0 interfaces fxp0 unit 0 family inet address 172.16.10.1/30 
set groups node1 interfaces fxp0 unit 0 family inet address 172.16.10.2/30

this address you want to set int the groups above instead of here
set interfaces fxp0 unit 0 family inet address 10.30.40.50/24