<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.0.6249.1">
<TITLE>IPSec config problem</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">Hi Team</FONT>
</P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">Dunno if I am facing a strange problem or whether I have missed out on a step. I need to be sure of this before I raise a TAC with Juniper local support (who I may add are pretty lousy!)</FONT></P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">Can anyone tell me what is the code base that you loaded on the Juniper for IPSec support (Jcrypto)?</FONT>
</P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">You see I can see the crypto code base only on one routing engine and not on the other. The software bundle on routing engine 0 and 1 under /var/tmp is jbundle-5.5R3.1-export-signed.tgz</FONT></P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">When I issue the command </FONT>
</P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">superuser@lab-re1> request system software validate /var/tmp/jbundle-5.5R3.1-export-signed.tgz</FONT>
</P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">it DOES NOT validate the configuration against the jcrypto code base on routing engine 1 but it does on routing engine 0. The file size of the jbundle loaded on both routing-engines is identical. Hence I cannot seem to figure out where the problem is.</FONT></P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">As a result, re0 has the IPSec configuration (currently the master) but re1 does not. When I do a commit sync from the routing engine where I can see the IPSec config under the security hierarchy, it does not return any errors.</FONT></P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">Couple of additional things:</FONT>
</P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">1) I was basically trying to set the craft interface display when this problem started and a routing engine fail over occurred. This is really strange since I expect a M20 to be more stable!</FONT></P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">2) Due to this I had to restart the routing engine with the above given code base.</FONT>
</P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">3) On the routing engine where I cannot see any entries under the EDIT SECURITY tab, I can see the configuration of the ES-PIC. I have one ES PIC on this M20</FONT></P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">Please help!</FONT>
</P>
<P><FONT COLOR="#000000" SIZE=2 FACE="Verdana">Thanks in advance</FONT>
<BR><FONT COLOR="#000000" SIZE=2 FACE="Verdana">Bosco</FONT>
</P>
</BODY>
</HTML>