Junos OS

 View Only
last person joined: 7 days ago 

Ask questions and share experiences about Junos OS.
  • 1.  JWEB Issue

     
    Posted 02-21-2024 13:01

    I'm trying to set up web-management (https) on my SRX's and EX's.  This should be pretty straight forward, but... I'm on JunOS version 22.4R1.10 and Edge version 121.0.2277.83.  

    When using the system generated cert I get the following error:

    "Your connection isn't private
    Attackers might be trying to steal your information from 191.1.1.190 (for example, passwords, messages, or credit cards).
    NET::ERR_CERT_INVALID
    191.1.1.190 uses encryption to protect your information. When Microsoft Edge tried to connect to 191.1.1.190 this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be 191.1.1.190, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Microsoft Edge stopped the connection before any data was exchanged.
     
    You can't visit 191.1.1.190 right now because the website sent scrambled credentials that Microsoft Edge can't process. Network errors and attacks are usually temporary, so this page will probably work later."
    When I use a self-signed cert it still get the "connection isn't private" error and the https is crossed out, but the router allows me in.  
    I am also using IPSec to secure connections to other routers in my network.  When I assign that cert to web-management, I still get the "connection isn't private" error and the router allows me in.  
    Any advice would be awesome.  


  • 2.  RE: JWEB Issue

    Posted 03-11-2024 19:55

    They all work if you use Firefox.

    Would like to find out why. Some SRXs work but others didn't and then intermittently does work to the same SRX but different IP. Suspect something to do with our VPN and/or SNAT.



    ------------------------------
    VIENG SOUKHAVONG
    ------------------------------



  • 3.  RE: JWEB Issue

     
    Posted 15 days ago

    This isn't an usual message to encounter, and is expected if you're not using your own certificates that meet the requirements.

    Have you imported the self-signed cert you mention into the affected browser? 

    As Vieng mentions, maybe give Firefox a go for the time being, which is what I use for SRX and E devices, but for how much longer it will work, is anybody's guess.