Security

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Expand all | Collapse all

Juniper SRX - OPC Communication Flow Stops

  • 1.  Juniper SRX - OPC Communication Flow Stops

    Posted 09-14-2021 05:41

    Hi, 

    We have Juniper SRX300 in our network. As per the scenario, two servers are there that are sharing the data using OPC communication through the Juniper SRX. Server-A gets data from Server-B as per the scheduled time. The configured schedule in the application on Server-A is 6 hours, so every 6 hours Server-A tries to fetch the latest data from Server-B. The issue is Server-A is only able to get the limited data sometimes its 40 %, sometimes its 30%, sometimes its 60% and other values end in error. When I physically bypass the firewall and connect the servers through a switch only, the data fetching works perfectly fine.  Also, when I check the data fetching for a single value via OPC communication tool, it shows that data is there but when data is fetched in bulk it causes the said issue. 
    I have checked the logs for any blocked traffic, and have also monitored and reviewed the traceoption logs during the scheduled time interval for the data fetching. Also, IDP is not enabled. 
    I have tried the below mentioned: 

    1) Allow all communication between Server-A & Server-B (Considering that after some interval, application may be using some other port for reverification) 
    2) Globally allowing all the communication (There may be some other communication involved)
    3) Changed the traffic between Server-A to Server-B to packet-mode. 

    Still the issue remains the same. I have done this troubleshooting, still I am unable to figure what may be the probable cause that causing this data flow to stop.  I have attached the scenario block diagram for reference. 

    Really needs the expert opinion on this as I am exhausted with the resources and knowledge I had to troubleshoot the issue. 

    If any further logs are required, can be shared. 



    ------------------------------
    AWAIS AHMAD
    ------------------------------

    Attachment(s)

    gz
    Security-Flow.1.gz   274 KB 1 version
    gz
    Security-Flow.2.gz   265 KB 1 version
    gz
    JTAC-traces.1.gz   625 KB 1 version
    gz
    Security-Flow.0.gz   278 KB 1 version
    gz
    JTAC-traces.0.gz   620 KB 1 version
    gz
    Security-Flow.3.gz   265 KB 1 version
    zip
    FW Logs.zip   117 KB 1 version


  • 2.  RE: Juniper SRX - OPC Communication Flow Stops

    Posted 09-17-2021 10:32
    Hi, 

    Looking forward to the responses, as its a very critical scenario for us. Hoping for the support ..

    ------------------------------
    AWAIS AHMAD
    ------------------------------