[j-nsp] IPSec config problem

[Bosco Sachanandani]

Hi Team

Dunno if I am facing a strange problem or whether I have missed out on a step. I need to be sure of this before I raise a TAC with Juniper local support (who I may add are pretty lousy!)

Can anyone tell me what is the code base that you loaded on the Juniper for IPSec support (Jcrypto)?

You see I can see the crypto code base only on one routing engine and not on the other. The software bundle on routing engine 0 and 1 under /var/tmp is jbundle-5.5R3.1-export-signed.tgz

When I issue the command 

superuser at lab-re1> request system software validate /var/tmp/jbundle-5.5R3.1-export-signed.tgz

it DOES NOT validate the configuration against the jcrypto code base on routing engine 1 but it does on routing engine 0. The file size of the jbundle loaded on both routing-engines is identical. Hence I cannot seem to figure out where the problem is.

As a result, re0 has the IPSec configuration (currently the master) but re1 does not. When I do a commit sync from the routing engine where I can see the IPSec config under the security hierarchy, it does not return any errors.

Couple of additional things:

1) I was basically trying to set the craft interface display when this problem started and a routing engine fail over occurred. This is really strange since I expect a M20 to be more stable!

2) Due to this I had to restart the routing engine with the above given code base.

3) On the routing engine where I cannot see any entries under the EDIT SECURITY tab, I can see the configuration of the ES-PIC. I have one ES PIC on this M20

Please help!

Thanks in advance
Bosco

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://puck.nether.net/pipermail/juniper-nsp/attachments/20030811/8ede647d/attachment.htm