SRX

 View Only
last person joined: 21 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  SRX-300 J-Web ERR_TUNNEL_CONNECTION_FAILED https access

    Posted 10-15-2019 02:36

    Hi There,

    I am trying to access J-Web on my SRX, unfortunately when I try to https browse to it (I have tried Chrome and IE) I am unable to connect. For instance on Chrome I get the error ERR_TUNNEL_CONNECTION_FAILED. If I try to http to the device I get "Could Not Connect, Description: Could not connect to the requested server host." I can ping the device and SSH to it from my machine. I have tried restarting it and restarting the web-management service.

     

    Has anybody seen this before?

    Thanks for your Time!


    #https
    #srx300
    #j-web


  • 2.  RE: SRX-300 J-Web ERR_TUNNEL_CONNECTION_FAILED https access

    Posted 10-15-2019 02:56

    Confirm that https is enabled with certificate under the system stanza.

     

    And confirm that https is allows for the zone which the ip address is associated under

    security zones security zone NAME_OF_ZONE host-inbound-traffic system-services

     



  • 3.  RE: SRX-300 J-Web ERR_TUNNEL_CONNECTION_FAILED https access

    Posted 10-15-2019 03:09

    Hi There,

    Thanks for your quick response, I believe the config is correct, I have the following ( I am using interface ge-0/0/0.0)

     

    networks@HVAR1> show security zones

    Security zone: CLEAR
    Send reset for non-SYN session TCP packets: Off
    Policy configurable: Yes
    Interfaces bound: 2
    Interfaces:
    ge-0/0/0.0
    lo0.1

     

    networks@HVAR1> show configuration system services web-management
    http {
    interface ge-0/0/0.0;
    }
    https {
    system-generated-certificate;
    interface ge-0/0/0.0;
    }

     

    networks@HVAR1> ...urity-zone CLEAR host-inbound-traffic system-services
    all;
    https;



  • 4.  RE: SRX-300 J-Web ERR_TUNNEL_CONNECTION_FAILED https access

    Posted 10-16-2019 03:11

    yes, that config looks correct.   But you would need to add just http to system if you want unencrypted access to respond too.

     

    What is the Junos version installed and the chrome version?

    This might be a software bug.

    or the browsers locking down ssl for self signed certificates but typically the give a different message for that.

     



  • 5.  RE: SRX-300 J-Web ERR_TUNNEL_CONNECTION_FAILED https access
    Best Answer

    Posted 10-16-2019 03:50

    Hi there,

    Thanks for coming to my aid on this one! It was really just a human blunder....

     

    I was connected to the device with a statically addressed LAN port on a laptop. Meanwhile the laptop was connected to our enterprise network via wireless, so I could remote into my laptop and work on the juniper from my main machine. The device didn't mind responding to ping or allow SSH while I worked in this manner. 

     

    When I turned the wireless function off on the laptop and removed the proxy settings the GUI worked fine.  Its always the basic things.