Security

 View Only
last person joined: 16 days ago 

Ask questions and share experiences with Juniper Connected Security. Discuss Advanced Threat Protection, SecIntel, Secure Analytics, Secure Connect, Security Director, and all things related to Juniper security technologies.

  • 1.  NSM 2008.2r2 (import device cluster / no route imported)

    Posted 07-24-2009 02:49
      |   view attached

    Hello,

     

    After a problem with the NSM 2008.2r1, and the unset of route, I have upgraded NSM on 2008.2r2. This version correct the bug of the route unset.

     

    But,

     

    When I import a new cluster device,

    - the route already existing on the firewall are not imported in the NSM object. But, the delta config show no difference between the cluster config and the NSM config.

    - VPN attributes are not imported (SA soft lifetime) and when I try to set this attribute on NSM object and update the device, the update failed (cf. attachment)

    - If a try to set a new route on the NSM object, this route is not updated and not appears in the delta config.

     

     

    When I try 

    Attachment(s)

    txt
    delta.txt   665 B 1 version


  • 2.  RE: NSM 2008.2r2 (import device cluster / no route imported)
    Best Answer

    Posted 07-29-2009 08:25

    1/ The route import problem is because a mistake configuration on the nsrp configuration on the cluster (the route synchronization was active) after desactivate this option, the route are imported correctly

     

    2/ The VPN ikev2 attribute problem during the import of the cluster device is normal. This feature was not correctly implmented on the screenOS 6.1r3 and before. So you must upgrade the cluster with a version >=  screenOS 6.1r4