Can't add 101st MIP...
|
View:
New views
7 Messages
—
Rating Filter:
Alert me
|
 |
Can't add 101st MIP...
by Binand Sethumadhavan
::
Rate this Message:
Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message FW1(M)-> set interface ethernet2/1 mip x.y.z.248 host p.q.r.124
netmask 255.255.255.255 vrouter trust-vr Mip: can't be added Failed command - set interface ethernet2/1 mip x.y.z.248 host p.q.r.124 netmask 255.255.255.255 vrouter trust-vr Total MIPs under Root configured:100 Max:20000. This is Netscreen 5200, running 5.4.0r1.0. Where should I look to fix this? The error message is rather hazy on details :( Binand _______________________________________________ nn mailing list nn@... http://qorbit.net/mailman/listinfo/nn |
||||||||||
|
|
Re: Can't add 101st MIP...
by Ernest Lau
::
Rate this Message:
Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message You can only have 100 MIPs on the root vsys. Are you setting these MIPs
address in sequence? If you are, check the doc for how to setup MIPS with netmask. Ernest -----Original Message----- From: Binand Sethumadhavan [mailto:binand@...] Sent: Thursday, December 07, 2006 3:32 AM To: Netscreen Mailing List Subject: [nn] Can't add 101st MIP... FW1(M)-> set interface ethernet2/1 mip x.y.z.248 host p.q.r.124 netmask 255.255.255.255 vrouter trust-vr Mip: can't be added Failed command - set interface ethernet2/1 mip x.y.z.248 host p.q.r.124 netmask 255.255.255.255 vrouter trust-vr Total MIPs under Root configured:100 Max:20000. This is Netscreen 5200, running 5.4.0r1.0. Where should I look to fix this? The error message is rather hazy on details :( Binand _______________________________________________ nn mailing list nn@... http://qorbit.net/mailman/listinfo/nn _______________________________________________ nn mailing list nn@... http://qorbit.net/mailman/listinfo/nn |
||||||||||
|
|
NS25 crashes on license upgrade
by Joe Loiacono
::
Rate this Message:
Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message Had a NetScreen 25 crash during an upgrade of license keys from Basic to Advanced. Has this happened to anyone before? KB has nothing. Thanks, Joe _______________________________________________ nn mailing list nn@... http://qorbit.net/mailman/listinfo/nn |
||||||||||
|
|
Re: NS25 crashes on license upgrade
by Jost Menke
::
Rate this Message:
Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message -------- Original-Nachricht -------- Datum: Mon, 11 Dec 2006 16:51:27 -0500 Von: Joe Loiacono <jloiacon@...> An: "Netscreen Mailing List" <nn@...> Betreff: [nn] NS25 crashes on license upgrade > Had a NetScreen 25 crash during an upgrade of license keys from Basic to > Advanced. Has this happened to anyone before? KB has nothing. > > Thanks, > > Joe What ScreenOS version is the box running? Regards, Jost Menke -- "Ein Herz für Kinder" - Ihre Spende hilft! Aktion: www.deutschlandsegelt.de Unser Dankeschön: Ihr Name auf dem Segel der 1. deutschen America's Cup-Yacht! _______________________________________________ nn mailing list nn@... http://qorbit.net/mailman/listinfo/nn |
||||||||||
|
|
Logging 'deny all' and forcing policy to bottom
by Joe Loiacono
::
Rate this Message:
Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message The only way to log traffic that gets caught by the 'deny all' implicit rule, is to make it an explicit rule with the 'log' option. However, once you do this, you must reorder your policies every time you add a new one to force the explicit 'deny all' to the bottom of the list. The KB says it can't be done, but I thought I had seen someone show how to force this to the bottom in an earlier list email, but I can't find it now. :-( Anyone know how to do this? Thanks, Joe
Had a NetScreen 25 crash during an upgrade of license keys from Basic to Advanced. Has this happened to anyone before? KB has nothing. Thanks, Joe_______________________________________________ nn mailing list nn@... http://qorbit.net/mailman/listinfo/nn _______________________________________________ nn mailing list nn@... http://qorbit.net/mailman/listinfo/nn |
||||||||||
|
|
Re: Logging 'deny all' and forcing policy to bottom
by dh-7
::
Rate this Message:
Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message /dh Joe Loiacono wrote:
_______________________________________________ nn mailing list nn@... http://qorbit.net/mailman/listinfo/nn |
||||||||||
|
|
Re: Logging 'deny all' and forcing policy to bottom
by Joe Loiacono
::
Rate this Message:
Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message Thanks guys, For clarification and for others: I got thrown off when I did a 'get config' and it showed my 'global global deny all' statement as policy number 78, but I had a bunch of policies with higher numbers, and I worried that these were being blocked. However, when I issue a 'get policy' the 'global deny' does not show up (it does when I issue a 'get policy global'). So - I take this to mean it is working properly. Thanks, Joe dh <rugby@...> wrote on 12/12/2006 11:39:36 AM: > Create a Global Zone to Global Zone Any Any Any Deny Log rule. > Global rules are processed after individual zone-to-zone rules and > would therefore only trigger if all other possible polices failed to match. > > > /dh > > > Joe Loiacono wrote: > > The only way to log traffic that gets caught by the 'deny all' > implicit rule, is to make it an explicit rule with the 'log' option. > However, once you do this, you must reorder your policies every time > you add a new one to force the explicit 'deny all' to the bottom of the list. > > The KB says it can't be done, but I thought I had seen someone show > how to force this to the bottom in an earlier list email, but I > can't find it now. :-( > > Anyone know how to do this? > > Thanks, > > Joe > > > > Joe Loiacono/CIV/CSC@CSC > Sent by: nn-bounces@... > 12/11/2006 04:51 PM > > To > > "Netscreen Mailing List" <nn@...> > > cc > > Subject > > [nn] NS25 crashes on license upgrade > > > > > > Had a NetScreen 25 crash during an upgrade of license keys from > Basic to Advanced. Has this happened to anyone before? KB has nothing. > > Thanks, > > Joe_______________________________________________ > nn mailing list > nn@... > http://qorbit.net/mailman/listinfo/nn > > > _______________________________________________ > nn mailing list > nn@... > http://qorbit.net/mailman/listinfo/nn > _______________________________________________ nn mailing list nn@... http://qorbit.net/mailman/listinfo/nn |
| Free Forum Powered by Nabble | Forum Help |
