(If you've already passed the test, you may safely skip to the last couple lines.)
I've been using GNS3 for my lab environment, following their lab materials. This means my VMs are based on the SRX platform.
I started my day trying to set simple static routes so that I could ping between routers A and C via router B. Should be easy. I spent more time than I care to admit redoing next-hops and interfaces until it all made sense, even more time to realize that part of why it wasn't working might be GNS3 itself, and still more time before it occurred to me that the default firewall policy on router B is probably why pings weren't getting through. This indeed turned out to be the case, and I crafted a basic but sensible policy to allow traffic between the two networks corresponding to the other two routers.
And it didn't work. I got this message:
Address or address_set (x.y.z.226/32) not found. error: configuration check-out failed
That made no sense to me at all. My firewall knowledge derives primarily from iptables and specifying rules by addresses is pure instinct. So, I did what any network engineer worth his salt does: I googled the error message. I found this thread, where I learned that SRXs have this funky requirement that you not specify an address, but specify an alias for an address that's defined in an address-book that belongs to the security zone. (so,
set security zones security-zone untrust address-book address <name> <address>)
I wrote all that detail in case it's ever helpful to future JNCIA hopefuls, but here's my actual question:
Is the address-book requirement particular to SRX security appliances? Or is this a
bugfeature of all Junos devices capable of running a security policy?
I've been through all the associate-level videos in prep for the test in a couple of weeks, but feel like I hardly learnt anything. Do I need to hunt down extra materials, or is it enough to keep reviewing those videos and build upon what's in the labs?
I am just having an issue with routing. I have an aggregated link setup between an EX4200 and SRX240 running most current firmware. I have the link established and Vlans on both sides. the layer 3 routing is on EX for Vlans. The routing or next-hop is where I am having an issue with. getting no route. it is set to port mode trunk on both sides with member vlans added.
Is there an equivalent command for "force authentication" (Cisco Command) in the JUNIPER OS to force a port using 802.1x?
So I've been selected by my company to go through Juniper JNCIA training, and that generally means that want me to get JNCIA certified. We'll be doing a week long course towards the end of May.
I'd like to get a jump start on this stuff though. Do you have any recommended books or resources for JNCIA? How's the test difficulty? I've got a CCNA R/S and halfway through CCNA Collab myself, so I'm just trying to gauge how difficult this will be. My Route/Switch knowledge is a bit rusty since I've been mainly working with telephony junk over the last two years, roughly.
Thanks in Advance
Has anyone ran into any information regarding the availability of the Open Learning program?
I have been trying to get into the Open Learning sessions scheduled for JNCIA-Junos in the last 4 months, and as far as I can see, there are no more session scheduled.
This guy did ! Took my test today and got my "Provisional Pass".
Kinda freaked me out because I am used to either seeing a "Pass" or "Fail" on cert test. Looked it up, and per Juniper's site they give a "Provisional Pass" to every passing score until they verify it 1-2 days later.
All in all, feel pretty happy ! Now onto the JNCIS-ENT !
So I just completed my Cisco CCNA studies and to create a balance I would like to take a dive into the world of Juniper. I enjoy using physical hardware so I get a feel for them as I did for my Cisco certs.
My question is, I intend to go all the way to JNCIP DC and SP. What lab gears would you guys recommend? Starting from the very basic at JNCIA.
I passed the JNCIA in December. I meant to share my OneNote package here after that but forgot. Anyway, here it is. I hope it is helpful to some of you.
EDIT: RIP title :-(
Hello all, I am new to Juniper and am studying for the JNCIA certification. I have a CCNA Routing and switching already and need a break in studies from Cisco world. I like to use real equipment to lab on and was wondering what hardware should I buy for the JNCIA? Also, should I be on the lookout for a specific OS?
Looking to start studying for juniper certifications now after my CCNA. What study materials do you guys recommend to use for the first cert of JNCIA?
Has the test been updated recently so that any study material has changed as well?
Got out of my testing center a couple hours ago and I passed! 78% First Juniper Certification had a CCNA under my belt already but; my job is right now both Juniper and Cisco and now moving over to Juniper only so I had to get this cert.
Glad I got it and now on to the next cert JNCIA - cloud. !!
Hey not sure if this the right place for this however through the juninper learning network there offering a free voucher for the JNCIA cloud certification if you take there class it pass
About a 130 seats left as of posting this https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=10483
Just got out of the testing center and I passed! Got a 75, needed 60. This is my first certification ever. On to the Cisco CCNA next!
Network Fundamentals - 100%
JunOS OS Fundamentals - 50%
User Interfaces - 86%
Configuration Basics - 67%
Operational Monitoring and Maintenance - 100%
Routing Fundamentals - 78%
Routing Policy and Firewall Filters - 43%
After completing this question in the JNCIA-Junos practice quiz I still didn't feel confident in my understanding of the behavior of using these configuration options. The Juniper Quiz and other sources seemed to point towards the following explanation:
Primary= Local to Remote traffic will use this address as the source
Preferred= Local to Local (same subnet) traffic will use this address as the source
But this cannot be further from the truth! After testing I believe the following is true:
Preferred= Specifies the source address used for unicast local and remote traffic
Primary= As documented used only for Broad/Multicast traffic sourcing if the interface is also the primary interface, otherwise it's just a candidate for the primary address
I tested this a few different ways by performing pings to the local subnet and to a different subnet. The
primary keyword has no effect on the source of local/remote traffic, only the
Am I in the ballpark with this?
I am looking for help I want to access juniper switch thru mini port console and usb port on laptop.. I have the cable..one side i connect to mini usb port on switch and the other end on laptop. it shows me CON6. I open putty on "Serial " and i choose serial line to connect : COM6. speed : 9600. data bits : 8. stop bits : 1. parity : none. flow control: XON/XOFF.
and still i cannot connect. can anyone help me where is the problem and how to solve that. the switch is EX2200-c POE
Hi everybody , I am new on Juniper devices. I Just start a new job as IT and on my work place I have a Juniper Switch EX2200-c POE that is connected with router SRX240. I have some questions. 1) how to access switch with laptop.how to go on management web page of switch or cli. is any program that i have to install on my pc..is a simple question. 2) can i make switch EX2200-c POE to work as DHCP.. and if is yes..how to do that.
Waiting for your reply Thank you
I have completed the Juniper Open Leaning course and scheduled my exam for December 16th. Any tips on what to focus on or how to go about reviewing? This will be my 1st certification exam, ever.
I'm reading on how Junos deals with etherchannels right now. It looks like you must configure the amount of AE interfaces under the hierarchy:
chassis aggregated-devices ethernet device-count
However it sounds that when you say you want one interface, it creates ae0. My question is -- is there any way to define the number of the interface? Let's say I want to make an etherchannel back to my core device, but I want the interface to be ae100.
Is there any way to rename the ae interface to another number, or define it manually from start?