You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Sean Truman <st...@gmail.com> on 2013/06/14 18:12:01 UTC
SRX Integration Issues.
All,
I am trying to add an SRX 100 to Cloud Stack and keep getting a "Illegal
Group Reference"
Here is how I am trying to add the config.
IP Address: 10.0.2.1
Username: root
Password: password
Type: Juniper SRX Firewall
Public Interface: fe-0/0/0.0
Private Interface: fe-0/0/1.0
Usage interface:
Number of Retries: 2
Timeout: 300
Public network: untrust
Private network: trust
Capacity: 10
Here is my SRX configuration.
http://pastebin.com/nTVEM92p
Here is the only logs I get from management-server.log
http://pastebin.com/pWB0Kbtu
Any help would be greatly appreciated.
v/r
Sean
Re: SRX Integration Issues.
Posted by Sheng Yang <sh...@yasker.org>.
I meant, this looks like mgmt server Java error rather than SRX error.
This is from your log:
1. 2013-06-14 09:26:29,327 WARN [cloud.api.ApiDispatcher]
(Job-Executor-37:job-65) class com.cloud.api.ServerApiException : Illegal
group reference
See also:
http://stackoverflow.com/questions/11913709/why-does-replaceall-fail-with-illegal-group-reference
http://cephas.net/blog/2006/02/09/javalangillegalargumentexception-illegal-group-reference-replaceall-and-dollar-signs/
http://webtrouble.blogspot.com/2009/04/java-illegal-group-reference.html
Maybe some substitute functions got wrong in the code due to the string got
illegal characters.
e.g. replaceXmlValue() in JuniperSrxResource.java used replaceAll()
function that may result in "Illegal group reference exception."
private String replaceXmlValue(String xml, String marker, String value)
{
marker = "\\s*%" + marker + "%\\s*";
if (value == null) {
value = "";
}
return xml.replaceAll(marker, value);
}
--Sheng
On Fri, Jun 14, 2013 at 11:00 AM, Sean Truman <st...@gmail.com> wrote:
> Looking through the source their isn't much logging, plus it's all over
> SSL so I cannot see the traffic being passed using tcpdump.
>
> Sean
>
> On Jun 14, 2013, at 12:54 PM, Sheng Yang <sh...@yasker.org> wrote:
>
> > It looks like a string issue of Java itself. What exactly failed on
> > test.xml?
> >
> > --Sheng
> >
> >
> > On Fri, Jun 14, 2013 at 9:55 AM, Sean Truman <st...@gmail.com> wrote:
> >
> >> I am using untagged VLAN on my public side. It's failing on the test.xml
> >> looking for trust group!
> >>
> >> Sean
> >>
> >> On Jun 14, 2013, at 11:51 AM, Jayapal Reddy Uradi <
> >> jayapalreddy.uradi@citrix.com> wrote:
> >>
> >>> Hi,
> >>>
> >>> I am not sure about the error but please see the below example
> >> configuration and correct your configuration.
> >>>
> >>>
> >>> Example confirmation:
> >>>
> >>>> Public Interface: fe-0/0/4.52
> >>>> Private Interface: fe-0/0/1
> >>>
> >>> fe-0/0/1 - private interface
> >>> fe-0/0/4.52 - public interface where my public network vlan id is 52.
> >>>
> >>> Example commands:
> >>> set interfaces fe-0/0/1 description "Private network"
> >>> set interfaces fe-0/0/1 vlan-tagging
> >>>
> >>> set interfaces fe-0/0/4 unit 52 vlan-id 52
> >>> set interfaces fe-0/0/4 unit 52 family inet filter input untrust
> >>>
> >>> Thanks,
> >>> Jayapal
> >>>
> >>> On 14-Jun-2013, at 9:42 PM, Sean Truman <st...@gmail.com>
> >>> wrote:
> >>>
> >>>> All,
> >>>>
> >>>> I am trying to add an SRX 100 to Cloud Stack and keep getting a
> "Illegal
> >>>> Group Reference"
> >>>>
> >>>> Here is how I am trying to add the config.
> >>>> IP Address: 10.0.2.1
> >>>> Username: root
> >>>> Password: password
> >>>> Type: Juniper SRX Firewall
> >>>> Public Interface: fe-0/0/0.0
> >>>> Private Interface: fe-0/0/1.0
> >>>> Usage interface:
> >>>> Number of Retries: 2
> >>>> Timeout: 300
> >>>> Public network: untrust
> >>>> Private network: trust
> >>>> Capacity: 10
> >>>>
> >>>>
> >>>>
> >>>> Here is my SRX configuration.
> >>>>
> >>>> http://pastebin.com/nTVEM92p
> >>>>
> >>>>
> >>>> Here is the only logs I get from management-server.log
> >>>>
> >>>> http://pastebin.com/pWB0Kbtu
> >>>>
> >>>> Any help would be greatly appreciated.
> >>>>
> >>>> v/r
> >>>> Sean
> >>
>
Re: SRX Integration Issues.
Posted by Sean Truman <st...@gmail.com>.
I am going to enter a bug for this and submit a patch..
v/r
Sean
On Fri, Jun 14, 2013 at 4:03 PM, Sheng Yang <sh...@yasker.org> wrote:
> Oh yes, that explain the thing...
>
> --Sheng
>
>
> On Fri, Jun 14, 2013 at 1:56 PM, Sean Truman <st...@gmail.com> wrote:
>
> > SOLVED: My password had a $ in it.. which has to be escaped.. I added
> more
> > logging to the SRX source to track it down.
> >
> > v/r
> > Sean
> >
> >
> > On Fri, Jun 14, 2013 at 1:00 PM, Sean Truman <st...@gmail.com> wrote:
> >
> > > Looking through the source their isn't much logging, plus it's all over
> > > SSL so I cannot see the traffic being passed using tcpdump.
> > >
> > > Sean
> > >
> > > On Jun 14, 2013, at 12:54 PM, Sheng Yang <sh...@yasker.org> wrote:
> > >
> > > > It looks like a string issue of Java itself. What exactly failed on
> > > > test.xml?
> > > >
> > > > --Sheng
> > > >
> > > >
> > > > On Fri, Jun 14, 2013 at 9:55 AM, Sean Truman <st...@gmail.com>
> > wrote:
> > > >
> > > >> I am using untagged VLAN on my public side. It's failing on the
> > test.xml
> > > >> looking for trust group!
> > > >>
> > > >> Sean
> > > >>
> > > >> On Jun 14, 2013, at 11:51 AM, Jayapal Reddy Uradi <
> > > >> jayapalreddy.uradi@citrix.com> wrote:
> > > >>
> > > >>> Hi,
> > > >>>
> > > >>> I am not sure about the error but please see the below example
> > > >> configuration and correct your configuration.
> > > >>>
> > > >>>
> > > >>> Example confirmation:
> > > >>>
> > > >>>> Public Interface: fe-0/0/4.52
> > > >>>> Private Interface: fe-0/0/1
> > > >>>
> > > >>> fe-0/0/1 - private interface
> > > >>> fe-0/0/4.52 - public interface where my public network vlan id is
> 52.
> > > >>>
> > > >>> Example commands:
> > > >>> set interfaces fe-0/0/1 description "Private network"
> > > >>> set interfaces fe-0/0/1 vlan-tagging
> > > >>>
> > > >>> set interfaces fe-0/0/4 unit 52 vlan-id 52
> > > >>> set interfaces fe-0/0/4 unit 52 family inet filter input untrust
> > > >>>
> > > >>> Thanks,
> > > >>> Jayapal
> > > >>>
> > > >>> On 14-Jun-2013, at 9:42 PM, Sean Truman <st...@gmail.com>
> > > >>> wrote:
> > > >>>
> > > >>>> All,
> > > >>>>
> > > >>>> I am trying to add an SRX 100 to Cloud Stack and keep getting a
> > > "Illegal
> > > >>>> Group Reference"
> > > >>>>
> > > >>>> Here is how I am trying to add the config.
> > > >>>> IP Address: 10.0.2.1
> > > >>>> Username: root
> > > >>>> Password: password
> > > >>>> Type: Juniper SRX Firewall
> > > >>>> Public Interface: fe-0/0/0.0
> > > >>>> Private Interface: fe-0/0/1.0
> > > >>>> Usage interface:
> > > >>>> Number of Retries: 2
> > > >>>> Timeout: 300
> > > >>>> Public network: untrust
> > > >>>> Private network: trust
> > > >>>> Capacity: 10
> > > >>>>
> > > >>>>
> > > >>>>
> > > >>>> Here is my SRX configuration.
> > > >>>>
> > > >>>> http://pastebin.com/nTVEM92p
> > > >>>>
> > > >>>>
> > > >>>> Here is the only logs I get from management-server.log
> > > >>>>
> > > >>>> http://pastebin.com/pWB0Kbtu
> > > >>>>
> > > >>>> Any help would be greatly appreciated.
> > > >>>>
> > > >>>> v/r
> > > >>>> Sean
> > > >>
> > >
> >
>
Re: SRX Integration Issues.
Posted by Sheng Yang <sh...@yasker.org>.
Oh yes, that explain the thing...
--Sheng
On Fri, Jun 14, 2013 at 1:56 PM, Sean Truman <st...@gmail.com> wrote:
> SOLVED: My password had a $ in it.. which has to be escaped.. I added more
> logging to the SRX source to track it down.
>
> v/r
> Sean
>
>
> On Fri, Jun 14, 2013 at 1:00 PM, Sean Truman <st...@gmail.com> wrote:
>
> > Looking through the source their isn't much logging, plus it's all over
> > SSL so I cannot see the traffic being passed using tcpdump.
> >
> > Sean
> >
> > On Jun 14, 2013, at 12:54 PM, Sheng Yang <sh...@yasker.org> wrote:
> >
> > > It looks like a string issue of Java itself. What exactly failed on
> > > test.xml?
> > >
> > > --Sheng
> > >
> > >
> > > On Fri, Jun 14, 2013 at 9:55 AM, Sean Truman <st...@gmail.com>
> wrote:
> > >
> > >> I am using untagged VLAN on my public side. It's failing on the
> test.xml
> > >> looking for trust group!
> > >>
> > >> Sean
> > >>
> > >> On Jun 14, 2013, at 11:51 AM, Jayapal Reddy Uradi <
> > >> jayapalreddy.uradi@citrix.com> wrote:
> > >>
> > >>> Hi,
> > >>>
> > >>> I am not sure about the error but please see the below example
> > >> configuration and correct your configuration.
> > >>>
> > >>>
> > >>> Example confirmation:
> > >>>
> > >>>> Public Interface: fe-0/0/4.52
> > >>>> Private Interface: fe-0/0/1
> > >>>
> > >>> fe-0/0/1 - private interface
> > >>> fe-0/0/4.52 - public interface where my public network vlan id is 52.
> > >>>
> > >>> Example commands:
> > >>> set interfaces fe-0/0/1 description "Private network"
> > >>> set interfaces fe-0/0/1 vlan-tagging
> > >>>
> > >>> set interfaces fe-0/0/4 unit 52 vlan-id 52
> > >>> set interfaces fe-0/0/4 unit 52 family inet filter input untrust
> > >>>
> > >>> Thanks,
> > >>> Jayapal
> > >>>
> > >>> On 14-Jun-2013, at 9:42 PM, Sean Truman <st...@gmail.com>
> > >>> wrote:
> > >>>
> > >>>> All,
> > >>>>
> > >>>> I am trying to add an SRX 100 to Cloud Stack and keep getting a
> > "Illegal
> > >>>> Group Reference"
> > >>>>
> > >>>> Here is how I am trying to add the config.
> > >>>> IP Address: 10.0.2.1
> > >>>> Username: root
> > >>>> Password: password
> > >>>> Type: Juniper SRX Firewall
> > >>>> Public Interface: fe-0/0/0.0
> > >>>> Private Interface: fe-0/0/1.0
> > >>>> Usage interface:
> > >>>> Number of Retries: 2
> > >>>> Timeout: 300
> > >>>> Public network: untrust
> > >>>> Private network: trust
> > >>>> Capacity: 10
> > >>>>
> > >>>>
> > >>>>
> > >>>> Here is my SRX configuration.
> > >>>>
> > >>>> http://pastebin.com/nTVEM92p
> > >>>>
> > >>>>
> > >>>> Here is the only logs I get from management-server.log
> > >>>>
> > >>>> http://pastebin.com/pWB0Kbtu
> > >>>>
> > >>>> Any help would be greatly appreciated.
> > >>>>
> > >>>> v/r
> > >>>> Sean
> > >>
> >
>
Re: SRX Integration Issues.
Posted by Sean Truman <st...@gmail.com>.
SOLVED: My password had a $ in it.. which has to be escaped.. I added more
logging to the SRX source to track it down.
v/r
Sean
On Fri, Jun 14, 2013 at 1:00 PM, Sean Truman <st...@gmail.com> wrote:
> Looking through the source their isn't much logging, plus it's all over
> SSL so I cannot see the traffic being passed using tcpdump.
>
> Sean
>
> On Jun 14, 2013, at 12:54 PM, Sheng Yang <sh...@yasker.org> wrote:
>
> > It looks like a string issue of Java itself. What exactly failed on
> > test.xml?
> >
> > --Sheng
> >
> >
> > On Fri, Jun 14, 2013 at 9:55 AM, Sean Truman <st...@gmail.com> wrote:
> >
> >> I am using untagged VLAN on my public side. It's failing on the test.xml
> >> looking for trust group!
> >>
> >> Sean
> >>
> >> On Jun 14, 2013, at 11:51 AM, Jayapal Reddy Uradi <
> >> jayapalreddy.uradi@citrix.com> wrote:
> >>
> >>> Hi,
> >>>
> >>> I am not sure about the error but please see the below example
> >> configuration and correct your configuration.
> >>>
> >>>
> >>> Example confirmation:
> >>>
> >>>> Public Interface: fe-0/0/4.52
> >>>> Private Interface: fe-0/0/1
> >>>
> >>> fe-0/0/1 - private interface
> >>> fe-0/0/4.52 - public interface where my public network vlan id is 52.
> >>>
> >>> Example commands:
> >>> set interfaces fe-0/0/1 description "Private network"
> >>> set interfaces fe-0/0/1 vlan-tagging
> >>>
> >>> set interfaces fe-0/0/4 unit 52 vlan-id 52
> >>> set interfaces fe-0/0/4 unit 52 family inet filter input untrust
> >>>
> >>> Thanks,
> >>> Jayapal
> >>>
> >>> On 14-Jun-2013, at 9:42 PM, Sean Truman <st...@gmail.com>
> >>> wrote:
> >>>
> >>>> All,
> >>>>
> >>>> I am trying to add an SRX 100 to Cloud Stack and keep getting a
> "Illegal
> >>>> Group Reference"
> >>>>
> >>>> Here is how I am trying to add the config.
> >>>> IP Address: 10.0.2.1
> >>>> Username: root
> >>>> Password: password
> >>>> Type: Juniper SRX Firewall
> >>>> Public Interface: fe-0/0/0.0
> >>>> Private Interface: fe-0/0/1.0
> >>>> Usage interface:
> >>>> Number of Retries: 2
> >>>> Timeout: 300
> >>>> Public network: untrust
> >>>> Private network: trust
> >>>> Capacity: 10
> >>>>
> >>>>
> >>>>
> >>>> Here is my SRX configuration.
> >>>>
> >>>> http://pastebin.com/nTVEM92p
> >>>>
> >>>>
> >>>> Here is the only logs I get from management-server.log
> >>>>
> >>>> http://pastebin.com/pWB0Kbtu
> >>>>
> >>>> Any help would be greatly appreciated.
> >>>>
> >>>> v/r
> >>>> Sean
> >>
>
Re: SRX Integration Issues.
Posted by Sean Truman <st...@gmail.com>.
Looking through the source their isn't much logging, plus it's all over SSL so I cannot see the traffic being passed using tcpdump.
Sean
On Jun 14, 2013, at 12:54 PM, Sheng Yang <sh...@yasker.org> wrote:
> It looks like a string issue of Java itself. What exactly failed on
> test.xml?
>
> --Sheng
>
>
> On Fri, Jun 14, 2013 at 9:55 AM, Sean Truman <st...@gmail.com> wrote:
>
>> I am using untagged VLAN on my public side. It's failing on the test.xml
>> looking for trust group!
>>
>> Sean
>>
>> On Jun 14, 2013, at 11:51 AM, Jayapal Reddy Uradi <
>> jayapalreddy.uradi@citrix.com> wrote:
>>
>>> Hi,
>>>
>>> I am not sure about the error but please see the below example
>> configuration and correct your configuration.
>>>
>>>
>>> Example confirmation:
>>>
>>>> Public Interface: fe-0/0/4.52
>>>> Private Interface: fe-0/0/1
>>>
>>> fe-0/0/1 - private interface
>>> fe-0/0/4.52 - public interface where my public network vlan id is 52.
>>>
>>> Example commands:
>>> set interfaces fe-0/0/1 description "Private network"
>>> set interfaces fe-0/0/1 vlan-tagging
>>>
>>> set interfaces fe-0/0/4 unit 52 vlan-id 52
>>> set interfaces fe-0/0/4 unit 52 family inet filter input untrust
>>>
>>> Thanks,
>>> Jayapal
>>>
>>> On 14-Jun-2013, at 9:42 PM, Sean Truman <st...@gmail.com>
>>> wrote:
>>>
>>>> All,
>>>>
>>>> I am trying to add an SRX 100 to Cloud Stack and keep getting a "Illegal
>>>> Group Reference"
>>>>
>>>> Here is how I am trying to add the config.
>>>> IP Address: 10.0.2.1
>>>> Username: root
>>>> Password: password
>>>> Type: Juniper SRX Firewall
>>>> Public Interface: fe-0/0/0.0
>>>> Private Interface: fe-0/0/1.0
>>>> Usage interface:
>>>> Number of Retries: 2
>>>> Timeout: 300
>>>> Public network: untrust
>>>> Private network: trust
>>>> Capacity: 10
>>>>
>>>>
>>>>
>>>> Here is my SRX configuration.
>>>>
>>>> http://pastebin.com/nTVEM92p
>>>>
>>>>
>>>> Here is the only logs I get from management-server.log
>>>>
>>>> http://pastebin.com/pWB0Kbtu
>>>>
>>>> Any help would be greatly appreciated.
>>>>
>>>> v/r
>>>> Sean
>>
Re: SRX Integration Issues.
Posted by Sean Truman <st...@gmail.com>.
Looking up the trust group, I am not seeing any exceptions in the log files.
Sean
On Jun 14, 2013, at 12:54 PM, Sheng Yang <sh...@yasker.org> wrote:
> It looks like a string issue of Java itself. What exactly failed on
> test.xml?
>
> --Sheng
>
>
> On Fri, Jun 14, 2013 at 9:55 AM, Sean Truman <st...@gmail.com> wrote:
>
>> I am using untagged VLAN on my public side. It's failing on the test.xml
>> looking for trust group!
>>
>> Sean
>>
>> On Jun 14, 2013, at 11:51 AM, Jayapal Reddy Uradi <
>> jayapalreddy.uradi@citrix.com> wrote:
>>
>>> Hi,
>>>
>>> I am not sure about the error but please see the below example
>> configuration and correct your configuration.
>>>
>>>
>>> Example confirmation:
>>>
>>>> Public Interface: fe-0/0/4.52
>>>> Private Interface: fe-0/0/1
>>>
>>> fe-0/0/1 - private interface
>>> fe-0/0/4.52 - public interface where my public network vlan id is 52.
>>>
>>> Example commands:
>>> set interfaces fe-0/0/1 description "Private network"
>>> set interfaces fe-0/0/1 vlan-tagging
>>>
>>> set interfaces fe-0/0/4 unit 52 vlan-id 52
>>> set interfaces fe-0/0/4 unit 52 family inet filter input untrust
>>>
>>> Thanks,
>>> Jayapal
>>>
>>> On 14-Jun-2013, at 9:42 PM, Sean Truman <st...@gmail.com>
>>> wrote:
>>>
>>>> All,
>>>>
>>>> I am trying to add an SRX 100 to Cloud Stack and keep getting a "Illegal
>>>> Group Reference"
>>>>
>>>> Here is how I am trying to add the config.
>>>> IP Address: 10.0.2.1
>>>> Username: root
>>>> Password: password
>>>> Type: Juniper SRX Firewall
>>>> Public Interface: fe-0/0/0.0
>>>> Private Interface: fe-0/0/1.0
>>>> Usage interface:
>>>> Number of Retries: 2
>>>> Timeout: 300
>>>> Public network: untrust
>>>> Private network: trust
>>>> Capacity: 10
>>>>
>>>>
>>>>
>>>> Here is my SRX configuration.
>>>>
>>>> http://pastebin.com/nTVEM92p
>>>>
>>>>
>>>> Here is the only logs I get from management-server.log
>>>>
>>>> http://pastebin.com/pWB0Kbtu
>>>>
>>>> Any help would be greatly appreciated.
>>>>
>>>> v/r
>>>> Sean
>>
Re: SRX Integration Issues.
Posted by Sheng Yang <sh...@yasker.org>.
It looks like a string issue of Java itself. What exactly failed on
test.xml?
--Sheng
On Fri, Jun 14, 2013 at 9:55 AM, Sean Truman <st...@gmail.com> wrote:
> I am using untagged VLAN on my public side. It's failing on the test.xml
> looking for trust group!
>
> Sean
>
> On Jun 14, 2013, at 11:51 AM, Jayapal Reddy Uradi <
> jayapalreddy.uradi@citrix.com> wrote:
>
> > Hi,
> >
> > I am not sure about the error but please see the below example
> configuration and correct your configuration.
> >
> >
> > Example confirmation:
> >
> >> Public Interface: fe-0/0/4.52
> >> Private Interface: fe-0/0/1
> >
> > fe-0/0/1 - private interface
> > fe-0/0/4.52 - public interface where my public network vlan id is 52.
> >
> > Example commands:
> > set interfaces fe-0/0/1 description "Private network"
> > set interfaces fe-0/0/1 vlan-tagging
> >
> > set interfaces fe-0/0/4 unit 52 vlan-id 52
> > set interfaces fe-0/0/4 unit 52 family inet filter input untrust
> >
> > Thanks,
> > Jayapal
> >
> > On 14-Jun-2013, at 9:42 PM, Sean Truman <st...@gmail.com>
> > wrote:
> >
> >> All,
> >>
> >> I am trying to add an SRX 100 to Cloud Stack and keep getting a "Illegal
> >> Group Reference"
> >>
> >> Here is how I am trying to add the config.
> >> IP Address: 10.0.2.1
> >> Username: root
> >> Password: password
> >> Type: Juniper SRX Firewall
> >> Public Interface: fe-0/0/0.0
> >> Private Interface: fe-0/0/1.0
> >> Usage interface:
> >> Number of Retries: 2
> >> Timeout: 300
> >> Public network: untrust
> >> Private network: trust
> >> Capacity: 10
> >>
> >>
> >>
> >> Here is my SRX configuration.
> >>
> >> http://pastebin.com/nTVEM92p
> >>
> >>
> >> Here is the only logs I get from management-server.log
> >>
> >> http://pastebin.com/pWB0Kbtu
> >>
> >> Any help would be greatly appreciated.
> >>
> >> v/r
> >> Sean
> >
>
Re: SRX Integration Issues.
Posted by Sean Truman <st...@gmail.com>.
I am using untagged VLAN on my public side. It's failing on the test.xml looking for trust group!
Sean
On Jun 14, 2013, at 11:51 AM, Jayapal Reddy Uradi <ja...@citrix.com> wrote:
> Hi,
>
> I am not sure about the error but please see the below example configuration and correct your configuration.
>
>
> Example confirmation:
>
>> Public Interface: fe-0/0/4.52
>> Private Interface: fe-0/0/1
>
> fe-0/0/1 - private interface
> fe-0/0/4.52 - public interface where my public network vlan id is 52.
>
> Example commands:
> set interfaces fe-0/0/1 description "Private network"
> set interfaces fe-0/0/1 vlan-tagging
>
> set interfaces fe-0/0/4 unit 52 vlan-id 52
> set interfaces fe-0/0/4 unit 52 family inet filter input untrust
>
> Thanks,
> Jayapal
>
> On 14-Jun-2013, at 9:42 PM, Sean Truman <st...@gmail.com>
> wrote:
>
>> All,
>>
>> I am trying to add an SRX 100 to Cloud Stack and keep getting a "Illegal
>> Group Reference"
>>
>> Here is how I am trying to add the config.
>> IP Address: 10.0.2.1
>> Username: root
>> Password: password
>> Type: Juniper SRX Firewall
>> Public Interface: fe-0/0/0.0
>> Private Interface: fe-0/0/1.0
>> Usage interface:
>> Number of Retries: 2
>> Timeout: 300
>> Public network: untrust
>> Private network: trust
>> Capacity: 10
>>
>>
>>
>> Here is my SRX configuration.
>>
>> http://pastebin.com/nTVEM92p
>>
>>
>> Here is the only logs I get from management-server.log
>>
>> http://pastebin.com/pWB0Kbtu
>>
>> Any help would be greatly appreciated.
>>
>> v/r
>> Sean
>
Re: SRX Integration Issues.
Posted by Jayapal Reddy Uradi <ja...@citrix.com>.
Hi,
I am not sure about the error but please see the below example configuration and correct your configuration.
Example confirmation:
> Public Interface: fe-0/0/4.52
> Private Interface: fe-0/0/1
fe-0/0/1 - private interface
fe-0/0/4.52 - public interface where my public network vlan id is 52.
Example commands:
set interfaces fe-0/0/1 description "Private network"
set interfaces fe-0/0/1 vlan-tagging
set interfaces fe-0/0/4 unit 52 vlan-id 52
set interfaces fe-0/0/4 unit 52 family inet filter input untrust
Thanks,
Jayapal
On 14-Jun-2013, at 9:42 PM, Sean Truman <st...@gmail.com>
wrote:
> All,
>
> I am trying to add an SRX 100 to Cloud Stack and keep getting a "Illegal
> Group Reference"
>
> Here is how I am trying to add the config.
> IP Address: 10.0.2.1
> Username: root
> Password: password
> Type: Juniper SRX Firewall
> Public Interface: fe-0/0/0.0
> Private Interface: fe-0/0/1.0
> Usage interface:
> Number of Retries: 2
> Timeout: 300
> Public network: untrust
> Private network: trust
> Capacity: 10
>
>
>
> Here is my SRX configuration.
>
> http://pastebin.com/nTVEM92p
>
>
> Here is the only logs I get from management-server.log
>
> http://pastebin.com/pWB0Kbtu
>
> Any help would be greatly appreciated.
>
> v/r
> Sean