Juniper SRX Firewall – Allow Web Management from Outside
KB ID 0000708 Problem Assuming you already have web management enabled, and you want to access it from the outside (the untrusted zone). Solution 1. Log into the web console of the Juniper. 2. Navigate to Security > Zones/Screen > Select the ‘Untrust’ Zone > Edit > Host inbound traffic – Interface > Select the Outside interface > Under Interface services add in ‘http’ > OK. 3. Then...
Factory Reset Juniper SRX Firewall
KB ID 0001003 Problem If you manage to stuff up your firewall, or you have just done some testing and want to revert back to ‘as new’ here is how to do it. Solution 1. Connect to the firewall either by console cable or via SSH, go to CLI mode then configuration mode. login: PeteL Password: ************ — JUNOS 12.1X47-D10.4 built 2014-08-14 22:21:50 UTC PeteL@Petes-SRX> cli PeteL@Petes-SRX> configure Entering...
JunOS – Using TACACS+ With Cisco ACS
KB ID 0001040 Problem I’ve been configuring a client’s Juniper SRX chassis cluster, for a while now. Their ACS was deployed last week so my task was to configure it to use the TACACS+ from the Cisco ACS server. The client’s setup required them to use their fxp0 management interfaces to perform the authentication. After it was configured and working, (due in no small part, to the ACS skills of Mr SteveH). I decided...
Juniper SRX – Setting the Default Static Route
KB ID 0001008 Problem It takes me seconds to do this on an ASA, on every occasion I’ve had to do the same on a Juniper firewall I’ve had to research how to do it again. Here I’m setting up the ‘default’ route to the Internet, but the syntax is the same for setting up any static route. Solution 1. Connect to the firewall either by console cable or via SSH, go to CLI mode then configuration mode....
Juniper SRX – ‘The Routing Subsystem Is Not Running’
KB ID 0001045 Problem While trying to deploy Solarwinds to monitor a Juniper SRX failover cluster, we were having no joy connecting to the management interface of the secondary/standby firewall. The management (fxp0) interface on the primary (node0) firewall we could get to OK. ] After jumping on the secondary firewall (via the console connection) we observed the following; error: the routing subsystem is not running Solution As you...
HP E Series Wireless – Cannot Access Local LAN
KB ID 0000486 Problem You have an HP HP E-Series Mobility E-MSM460, 466 & 430 Access Point, and you cannot access resources on your local LAN (though internet access works fine). This is default “Out of the box” behavior, a lot of consumers want to provide wireless access but DONT want the wireless clients having access to their local servers. That’s fine but what if you do? Solution 1. Log into the web...
Setup and Configure HP Wireless E-MSM720 Wireless Controller with HP E-MSM430 Access Points
KB ID 0000692 Problem We got some ‘demo stock’ in the office this week, I don’t do a lot of wireless, so I thought I would get it setup and have a look to see how easy/difficult it was. Hardware used HP E-MSM720 Premium Mobility Controller (J9694A) HP E-MSM 430 Wireless N Dual Radio Access Point (J9651A) HP HP 2915-8G-P-o-E Switch (J5692A) The switch and controller are ‘tiny’ so if you want to put them...
Manually Configuring HP Wireless (MSM 720 controller) for Public and Private Wireless Networks
KB ID 0000833 Problem In the following procedure I’ll configure the following; HP 5412zl Switch. Cisco ASA 5510 Firewall. HP MSM720 Controller. HP MSM460 and MSM317 Access Points. If you are configuring an MSM765zl or MSM775zl use the following article first. HP MSM765zl and 775zl – Initial Setup and Routing Assumptions Private SSID will be on the normal corporate LAN (In this case 172.16.254.0/24). Public SSID will get...
Change HP Wireless Access Points from Autonomous to Controlled Mode
KB ID 0000853 Problem I had a client this week who was putting in an MSM730 Wireless controller, and a few MSM460 Access Points. They already had an MSM460 in their meeting room, and I was asked to add that into the new setup on the controller as well. Out of the box the access points are in controlled mode (look for a controller), if they don’t find one they assume they are in autonomous mode and either setup on 192.168.1.1 or get...
HP MSM Controller – Access Points Stuck ‘Waiting Acceptance’
KB ID 0000868 Problem When viewing the Controller > Controlled APs, You may see some of them stuck with a ‘Waiting Acceptance’ status. Solution This happens because the Access Point can contact the controller, (otherwise you wouldn’t even see it). But the controller cant get traffic back to the access point, to update its firmware, or to synchronize it. The root cause of this is usually because this access point is on...