SRX

 View Only
last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Juniper Secure Connect error on SRX-3xx firewall(s).

    Posted 04-11-2023 12:24

    Hi all,

    New to this forum and it might not be the correct forum but here I go.
    When using Juniper Secure Connect (Windows enviroment) with SRX-3xx firewalls, it will allow acceptance of certificate but after that, it will fail at configuration download.
    The message is "Login data parsing failure". What does that mean? The username/password is valid and working (when testing on different unit) but some workstation(s) with Juniper Secure Connect get this error, so wondering why it's happening. Best regards Kim.



    ------------------------------
    KIM MADSEN
    ------------------------------


  • 2.  RE: Juniper Secure Connect error on SRX-3xx firewall(s).

    Posted 04-27-2023 22:04

    I had the exact same issue today. I have an SRX300. I can successfully connect to it using iPhone, iPad, Android, and Windows 10 clients. I have a Windows 11 laptop will not connect and will get the message  "Login data parsing failure". 
     

    Additional information: I have the following in the SRX

    set system syslog archive size 100k
    set system syslog archive files 3
    set system syslog user * any emergency
    set system syslog file interactive-commands interactive-commands error
    set system syslog file messages any info
    set system syslog file messages authorization info
    set system syslog file messages daemon info
    set system syslog file messages security any

    When I connect to the SRX using any of the "working" clients I will get the following in the log:

    Apr 27 21:48:20  srx-gw httpd-gk: REMOTE_ACCESS_VPN_AUTH_OK: User xuser/OFFICE-REMOTE from Z.Z.Z.Z with user-application 22.1.5.10 authenticated successfully
    Apr 27 21:48:20  srx-gw httpd-gk: REMOTE_ACCESS_VPN_LOGOUT_OK: User xuser/OFFICE-REMOTE from Z.Z.Z.Z with user-application 22.1.5.10 logged out successfully
    Apr 27 21:48:21  srx-gw kmd[2020]: IKE negotiation successfully completed. IKE Version: 1, VPN: JSC-IPSEC-VPN Gateway: JSC-IKE-GATEWAY, Local: X.X.X.X/4500, Remote: Z.Z.Z.Z/20049, Local IKE-ID: X.X.X.X, Remote IKE-ID: remote.mydomain.local, VR-ID: 0, Role: Responder
    Apr 27 21:48:23  srx-gw kmd[2020]: KMD_PM_SA_ESTABLISHED: Local gateway: X.X.X.X, Remote gateway: Z.Z.Z.Z, Local ID: ipv4(10.131.33.0-10.131.33.255), Remote ID: ipv4(10.131.35.13), Direction: inbound, SPI: 0x4016b0f9, AUX-SPI: 0, Mode: Tunnel, Type: dynamic, Traffic-selector: JSC-TS-1 FC Name:
    Apr 27 21:48:23  srx-gw kmd[2020]: KMD_PM_SA_ESTABLISHED: Local gateway: X.X.X.X, Remote gateway: Z.Z.Z.Z, Local ID: ipv4(10.131.33.0-10.131.33.255), Remote ID: ipv4(10.131.35.13), Direction: outbound, SPI: 0x8d8a552b, AUX-SPI: 0, Mode: Tunnel, Type: dynamic, Traffic-selector: JSC-TS-1 FC Name:
    Apr 27 21:48:23  srx-gw kmd[2020]: KMD_VPN_UP_ALARM_USER: VPN JSC-IPSEC-VPN from Z.Z.Z.Z is up. Local-ip: X.X.X.X, gateway name: JSC-IKE-GATEWAY, vpn name: JSC-IPSEC-VPN, tunnel-id: 67108876, local tunnel-if: st0.3, remote tunnel-ip: 10.131.35.13, Local IKE-ID: X.X.X.X, Remote IKE-ID: remote.mydomain.local, AAA username: xuser, VR id: 0, Traffic-selector: JSC-TS-1, Traffic-selector local ID: ipv4(10.131.33.0-10.131.33.255), Traffic-selector remote ID: ipv4(10.131.35.13), SA Type: Static
    Apr 27 21:48:27  srx-gw kmd[2020]: KMD_VPN_DOWN_ALARM_USER: VPN JSC-IPSEC-VPN from Z.Z.Z.Z is down. Local-ip: X.X.X.X, gateway name: JSC-IKE-GATEWAY, vpn name: JSC-IPSEC-VPN, tunnel-id: 67108876, local tunnel-if: st0.3, remote tunnel-ip: 10.131.35.13, Local IKE-ID: X.X.X.X, Remote IKE-ID: remote.mydomain.local, AAA username: xuser, VR id: 0, Traffic-selector: JSC-TS-1, Traffic-selector local ID: ipv4(10.131.33.0-10.131.33.255), Traffic-selector remote ID: ipv4(10.131.35.13), SA Type: Static, Reason: IPSec SA delete payload received from peer, corresponding IPSec SAs cleared

    If I connect using the Windows 11 machine - I get NOTHING in the logs. I am trying to round up another Windows 11 machine to see if it is a Windows 11 issue.

    Running Junos: 21.4R2.10




  • 3.  RE: Juniper Secure Connect error on SRX-3xx firewall(s).

    Posted 04-28-2023 06:20

    Hi, I recently got it fixed and our fix was upgradimg the software on the firewall(s). Best regards Kim.



    ------------------------------
    KIM MADSEN
    ------------------------------



  • 4.  RE: Juniper Secure Connect error on SRX-3xx firewall(s).

    Posted 04-28-2023 08:26

    Fantastic! Which version did you go to?

    Thank you!!!




  • 5.  RE: Juniper Secure Connect error on SRX-3xx firewall(s).

    Posted 05-01-2023 02:49

    Hi, sorry for the late reply but it is software version 21.4R3-S3.4



    ------------------------------
    KIM MADSEN
    ------------------------------



  • 6.  RE: Juniper Secure Connect error on SRX-3xx firewall(s).

    Posted 05-01-2023 08:28

    Thank you! I will try that and post back here the results!




  • 7.  RE: Juniper Secure Connect error on SRX-3xx firewall(s).

    Posted 05-03-2023 09:59

    That version did it! Thank you!!

    Side note - problem client was

    Windows 11

    Version 22H2
    OS Build 22621.1555