Or possibly set up port replication on the switch port that the
netscreen connects to? Then direct the 2nd port to a pc with wireshark,
snort or even just run tcp dump.
Brian Cotti
IT Manager
Stenstrom Companies
-----Original Message-----
From:
nn-bounces@... [mailto:
nn-bounces@...] On Behalf
Of David Lagace
Sent: Friday, May 16, 2008 8:41 AM
To: Shawn Edwards
Cc:
nn@...
Subject: Re: [nn] Interface monitoring
Hi Shawn,
From the CLI on the firewall you could use w/ some filters debug flow
basic this will give you some information on the packets coming through
and their status in regards to the device(Blocked, not blocked, VR,
routing etc)
Another option is SNOOP. This is a straight packet dump to the logging
buffer.
Perhaps another option is to check the sessions on the device and see if
there's a source or destination that comes up often. get sessions will
be
your friend then.
Hope this helps,
--Dave
On Thu, 15 May 2008, Shawn Edwards wrote:
> I'm attempting to work out a network traffic issue and i'm hoping the
> juniper will be able to help me out, and i need some people's
opinions..
>
> I'm running a Juniper netscreen 25..
>
> Our trusted interface on the juniper side is showing a high
utilization
> rate constant (4-7 mb/s) but internet traffic is nowhere near this,
so
> i'm led to believe there is either something broadcasting on my lan or
> there is a lot of local traffic elsewhere, but either way, the traffic
is
> hitting the trusted port on the juniper... Is there any type of
sniffing
> or monitoring built in to the juniper that could aid me in resolving
the
> issue?
>
> Thanks,
> Shawn Edwards
> Sr. Network Analyst
> Pathix ASP
> Ph: 709-724-8564
> Fax: 709-724-8545
>
sedwards@...
>
>
>
> "M.Mihailidis" <
mixalism@...>
> Sent by:
nn-bounces@...
> 05/15/2008 02:44 PM
>
> To
> "Juniper-Nsp" <
juniper-nsp@...>, <
nn@...>
> cc
>
> Subject
> [nn] (no subject)
>
>
>
>
>
>
> Hello I need help on configuring IPSec vpn I use Shrew soft VPN client
abd
> I have tried extensively and don?t seem to
> Get it to work and get this output. I checked user credential if
> something?s wrong with username and password but everything seems
fine.
> Is maybe the clients problem I tried configuration method ?push?
instead
> of ?pull? but no luck.
> Any help welcome
> Thank you
>
>
> IKE< xx.xx.xx.xx >: XAuth login failed for gateway <IKEGW>, username
> <snakething>, retry: 0, timeout: 1.2008-05-15 20:22:47infoRejected an
IKE
> packet on ethernet3 from xx.xx.xx.xx:500 to xx.xx.xx.xx:500 with
cookies
> e65eaf2e695829ea and 6edea809eda5088d because a Phase 2 packet arrived
> while XAuth was still pending.2008-05-15 20:22:47infoIKE<xx.xx.xx.xx>
> Phase 1: Completed Aggressive mode negotiations with a <28800>-second
> lifetime.2008-05-15 20:22:47infoIKE< xx.xx.xx.xx > Phase 1: Completed
for
> user <snakething>.2008-05-15 20:22:47infoIKE< xx.xx.xx.xx > Phase 1:
> Responder starts AGGRESSIVE mode negotiations.
> _______________________________________________
> nn mailing list
>
nn@...
>
http://www.compsoc.com/cgi-bin/mailman/listinfo/nn>
>
>
>
>
> This e-mail may contain confidential information and the sender does
not
> waive any related rights and obligations. If you are not the intended
> recipient please notify the sender and discard it.
_______________________________________________
nn mailing list
nn@...
http://www.compsoc.com/cgi-bin/mailman/listinfo/nn_______________________________________________
nn mailing list
nn@...
http://www.compsoc.com/cgi-bin/mailman/listinfo/nn
Some parts of this message have been removed.
Learn more about Nabble's security policy.
