SRX

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  SRX 1500 HA over L2 question

    Posted 03-21-2017 03:57
    Hi guys,

    I need to deploy 2 srx 1500 but HA over L2. I want to konw is control port tag enabled on srx 1500? Any command can check and modify?

    Thanks
    Seansc
    #srx1500
    #controlport
    #HA
    #SRX


  • 2.  RE: SRX 1500 HA over L2 question
    Best Answer

     
    Posted 03-21-2017 06:31

    Hello ,

     

    SRX1500 have dedicated control ports so by default VLAN tag is disabled and we cannot change it .

     

    {primary:node1}
    root@jtac-srx1500-r2015> set chassis cluster control-link-vlan
    error: command is not valid on the srx1500

     

     



  • 3.  RE: SRX 1500 HA over L2 question

    Posted 03-21-2017 09:52

    Hi Sam,

     

    Thanks for your reply. My HA still not working. For the L2 network  i configured access port facing SRX control port.  Below is the output from SRX.

    > show chassis cluster interfaces

    Control link status: Down

    Control interfaces:
    Index Interface Monitored-Status Internal-SA Security
    0 em0 Down Disabled Disabled

     

    > show chassis cluster status

    Cluster ID: 1
    Node Priority Status Preempt Manual Monitor-failures

    Redundancy group: 0 , Failover count: 1
    node0 1 primary no no None
    node1 0 lost n/a n/a n/a

     

    Any suggestion how should i tshoot?

     



  • 4.  RE: SRX 1500 HA over L2 question

     
    Posted 03-21-2017 09:55

    Hello ,

     

    Please check if the Jumbo frames are allowed on the switch ports and IGMP snooping is disabled for the same .



  • 5.  RE: SRX 1500 HA over L2 question

    Posted 03-21-2017 22:20
    You are right, need to disable igmp snooping for control port