I eventually manually installed the license keys using the CLI. Showing results for Search instead for Do you mean Reply Topic Options Start Article Subscribe to RSS Feed Mark Topic as New Mark Topic as Read Float this Topic to the Please map these two subnet on your network diagram and we can troubleshoot and see what is not working. 0 Message Author Comment by:3XLcom ID: 370396612011-10-27 So there is no All I had to do was to import the offending CA Cert. Source
Logged Dododope Newbie Posts: 47 Karma: +0/-0 Re: failed to update license key « Reply #3 on: December 18, 2008, 07:12:10 am » On which type of device are you doing Go to Solution 21 17 2 3 Participants 3XLcom(21 comments) dpk_wal(17 comments) LVL 32 Software Firewalls23 Hardware Firewalls22 Network Architecture4 Sanga Collins(2 comments) LVL 18 Hardware Firewalls13 Software Firewalls4 Network Architecture4 Can you ping the DNS Server IP from SSG. CA-Cert=<>, Subj-name=<>.## 2009-01-19 21:15:42 : http-fx: conn setup/SSL bind ...
but if i connect my laptop to router and get an ip lik xx.xx.xx.100 it is ok i should access so juni is not allow me to connect from any network why this question ? forget about privacy check this out 77.2223.156.1 my router ip 126.96.36.199 and 38 my juni ip and for ex.
Message 8 of 10 (20,013 Views) Reply CR Trusted Contributor Posts: 100 Registered: 11-07-2007 0 Kudos Re: [SSG-5] Unable to reach entitlement server Options Mark as New Bookmark Subscribe Subscribe If you wish you can put specific subnet IP route; but then I think you would to add lot of route and as device is behind cisco route; adding default route Complete. ## 2011-03-10 09:03:07 : http-fx: conn setup/connecting ... ## 2011-03-10 09:03:10 : http-fx: conn setup/FAIL <188.8.131.52:443>. ## 2011-03-10 09:03:10 : http-fx: closed connection to 184.108.40.206 ... I've checked from the arp table of cisco it shows that the juni get ip address correctly also Protocol Address Age (min) Hardware Addr Type Interface Internet xxx.xxx.xxx.15 38 b8ac.6f97.8271 ARPA
When I execute debug http-fx all and tried the update I see this error: http-fx: conn setup/SSL bind ... I am able to ping from untrust network to trust network servers.From My Laptop I am able to ping from trust network servers to untrust network.From My Server to Google for If you are experiencing a similar issue, please ask a related question Suggested Solutions Title # Comments Views Activity Would an outbound ACL be an overkill? 3 67 96d Correct port The policies on the firewall currently allow all outbound and inbound traffic; only that for inbound traffic AV inspection is also enabled.
HTTP Status 404 - type Status reportmessage description The requested resource () is not available.Apache Tomcat/5.5.17 But it still would not work as it could not download the AV updates. Ya looks like layer2 mode is your setup. Internet connection is ok.
I'm at a loss here. Get 1:1 Help Now Advertise Here Enjoyed your answer? so juniper can not access the update servers and other points that is the problem i do not understand that why you do not understand me all the problem is that JuniperForum.com Welcome, Guest.
Try it for free! http://webjak.net/unable-to/unable-to-reach-battle-net.html wait a few seconds to let it fail...get db streamthis will provide you a detailed debug, which may tell you what the problem is.Thanks,Casper Message 5 of 10 (20,393 Views) yyy.yyy.yyy.0-255 and i've checked that from a computer that connected router with yyy ip block is not able to connect while it has a yyy ip block . All rights reserved.
Is it in a cluster? Let me ask you this, let's say the juniper box is removed from network. If you feel this in error, I would suggest you contact your sales rep, and possibly customer care to get this issue resolved. have a peek here In these forums I found someone who had a similar issue that ended up being caused by not having the proper certificate installed, so I ran debug pki detail but did
So, as you have two interface on trust side going into two L2 switches, you are changing IP from 77.x.x.4 to 92.x.x.151 and then the server loses connectivity. If you contact Juniper they can probably resolve the issue.RegardsGavrilo Message 4 of 10 (20,427 Views) Reply CR Trusted Contributor Posts: 100 Registered: 11-07-2007 0 Kudos Re: [SSG-5] Unable to Pings send from the CLI are send with the interface IP address while license updates are send with the management IP address.
Message 3 of 3 (6,203 Views) Reply « Message Listing « Previous Topic Next Topic » Solutions About Juniper Partners Community Request a Quote How to Buy Feedback Contact Us ScreenOs is 6.1.0.R4.See below :xxxxxx:SSG1(M)-> exec license-key updateThe device was unable to reach the entitlement server to retrieve license keysFailed command - exec license-key updatexxxxxx:SSG1(M)-> ping www.google.frType escape sequence to abortSending so the problem is on juni. For security reason please do not post complete IP; you should mask two octets for security reasons.
In above case if we use physical interface eth0/1 in place of eth0/0; then there should not be any difference. Logged JNCIA-FWV, JNCIS-FWV haze Full Member Posts: 155 Karma: +0/-0 Re: failed to update license key « Reply #9 on: December 24, 2008, 07:44:11 am » Hi foo727,Is the clock and i am able to ping router from my laptop i am able to ping hp procurve switch from my laptop i am not able to ping juni from my laptop Check This Out Join the community of 500,000 technology professionals and ask your questions.
Thank you. 0 Message Author Comment by:3XLcom ID: 370389352011-10-27 This is so strange no i am not :s and also i am not able to ping google ip :( but Case 2: Now you change your server to 92.x.x.151 and router is still on 77.x.x.1, does your server still have complete network connectivity. Back Products & Services Products & Services Products Identity and Policy Control Network Edge Services Network Management Network Operating System Packet Optical Routers Security Software Defined Networking Switches All Products A-Z Join Now For immediate help use Live now!
Also, I don't think that is the issue as I have not done anything with the certificates on the device. This article will help you identify and understand the purpose and use of slash notations. You put in your hardware ID with Auth code to generate the key, then "exec license-key
jun-dns.png 0 LVL 18 Overall: Level 18 Hardware Firewalls 13 Software Firewalls 4 Network Architecture 4 Message Active 1 day ago Expert Comment by:Sanga Collins ID: 370388752011-10-27 are you able DNS looks fine but trying a different dns server will make sure thaat dns is not the problem.