Juniper JunOS transfer on commit fails

I had quite a surprise when I discover that my transfer on commit stopped working on my SRX firewall.

The error in the logfile was :

 ACCT_XFER_FAILED: Error transferring /var/transfer/config/*  

Not really explicit...

Turn out that /cf/var/ was full, it needs at least some free MB to work properly, that sound weird as the config file only requires several KB.

The configuration is indeed copied to /cf/var/transfer/config/ before being transferred over the network. If /cf/var/ is full then the configuration cannot be copied and the transfer process finds nothing to send hence the error message above.

If you have the same error, cleanup some old logfiles and maybe decrease the amount of data you're logging.

For any other errors, I recommend this post which explains all the other issues you may have with transfer on commit.

http://www.net-gyver.com/?p=655

Hope that helps !

Shrew VPN Client + Juniper SRX : "session terminated by gateway" (Autodisconnect)

If like me, you're trying to connect to a Juniper dynamic VPN with Shrew VPN Client, be aware that this not yet possible.

The connection works but the tunnel is constantly disconnected after 60 seconds.

I asked the core developer "Matthiew Grooms" about this and after few debug, it seems like a fix is needed in Shrew's code:

"It's pretty clear whats going on but it won't be possible to fix without 
a rewrite of the modecfg code on the Shrew Soft VPN client, which is probably 
needed anyway."

Full technical details are available at :
https://lists.shrew.net/pipermail/vpn-help/2012-December/014091.html

If anybody found out an alternative solution please share !