1

One of our clients has an SRX240H in their office that occasionally is dropping connections going LAN to WAN. For example: they could be on an IRC server and they will drop out for 2 minutes and then come back or an HTTP download will die half way through. We've ruled out upstream problems with the ISP.

What steps can I take to diagnose this? We only have remote web access to this device, but can probably get SSH if required.

UPDATE

I shall find out what version of JunOS it is back in the office tomorrow.

The scenario is the clients office has a fibre connection to our DC with two VLANs, one presenting internet and one presenting their office infrastructure (AD, file servers, etc). It's a gigabit connection, and they use it as such to access their file server etc all day.

It's possible it's overloading it, but on paper it should be MORE than capable.

SimonJGreen
  • 3,205
  • 5
  • 33
  • 55

1 Answers1

0

If you use the built-in Junos "applications" in your permit rules, then these come along with some cute hidden settings that control the timeouts per application (fun!). From an operational command line, run the command

show configuration groups junos-defaults applications

to see what the defaults are. Now... past that, I need to ask do you having the device source NAT a single WAN IP or you using a pool. what version of JUNOS is on the box?

SpacemanSpiff
  • 8,753
  • 1
  • 24
  • 35
  • This drop out is all users at the same time, and the whole of the upstream connection is unavailable rather than one thing. It's doing Source NAT through a single IP to access Internet, then via another VLAN on the WAN side it goes off to a data centre just routing connections. – SimonJGreen Jan 12 '12 at 16:03
  • This is going to take a bunch more troubleshooting most likely. You need to confirm if the SRX stops responding entirely, or if it can maintain a continuous connection to it's next-hop gateway. Also look at resource utilization, but that's a pretty sturdy box unless you're pumping a lot of data through it I doubt you're overwhelming the hardware. What version of JunOS? – SpacemanSpiff Jan 12 '12 at 17:08
  • I've updated the question with a bit more background info. – SimonJGreen Jan 12 '12 at 22:23