{hold:node0} user@host1> show chassis cluster status Cluster ID. 1 Node Priority Status
Preempt Manual failover Redundancy group: 0 , Failover count: 0 node0 1 hold no no
node1 0 lost n/a n/a {hold:node0} user@host1> show configuration | no-more system {
host-name host1; root-authentication { encrypted-password
“$1$KI99zGk6$MbYFuBbpLffu9tn2.sI7l1”; ## SECRET-DATA } name-server {
172.16.10.100; } services { ssh; telnet; web-management { http; } } syslog { user * { any
emergency; } file messages { any any; authorization info; } file interactive-commands {
interactive-commands any; } } } interfaces { ge-0/0/0 { unit 0 { family inet { address
10.210.14.131/26; } } } ge-0/0/8 { unit 0 { family inet { address 172.16.1.1/24; } } } ge-0/0/9 {
unit 0 { family inet { address 172.16.10.1/24; } } } } security { policies { default-policy {
permit-all; } } zones { functional-zone management { interfaces { ge-0/0/0.0; }
host-inbound-traffic { system-services { ssh; telnet; ping; traceroute; http; snmp; } } }
security-zone Trust { host-inbound-traffic { system-services { any-service; } } interfaces {
ge-0/0/9.0; } } security-zone Untrust { host-inbound-traffic { system-services { any-service; } }
interfaces { ge-0/0/8.0; } } } } —————- {hold:node1} user@host2> show chassis cluster
status Cluster ID. 1 Node Priority Status Preempt Manual failover Redundancy group: 0 ,
Failover count: 0 node0 0 lost n/a n/a node1 1 hold no no {hold:node1} user@host2> show
configuration | no-more system { host-name host2; root-authentication {
encrypted-password “$1$KI99zGk6$MbYFuBbpLffu9tn2.sI7l1”; ## SECRET-DATA }
name-server { 172.16.10.100; } services { ssh; telnet; web-management { http; } } syslog {
user * { any emergency; } file messages { any any; authorization info; } file
interactive-commands { interactive-commands any; } } } interfaces { ge-0/0/0 { unit 0 { family
inet { address 10.210.14.132/26; } } } ge-0/0/8 { unit 0 { family inet { address 172.16.1.1/24; }
} } ge-0/0/9 { unit 0 { family inet { address 172.16.10.1/24; } } } } security { policies {
default-policy { permit-all; } } zones { functional-zone management { interfaces { ge-0/0/0.0; }
host-inbound-traffic { system-services { ssh; telnet; ping; traceroute; http; snmp; } } }
security-zone Trust { host-inbound-traffic { system-services { any-service; } } interfaces {
ge-0/0/9.0; } } security-zone Untrust { host-inbound-traffic { system-services { any-service; } }
interfaces { ge-0/0/8.0; } } } } A user attempted to form a chassis cluster on an SRX240;
however, the cluster did not form. While investigating the problem, you see the output
shown in the Above. What is causing the problem?
A.
The fxp0 interface is not configured.
B.
The ge-0/0/0 interface is configured.
C.
The configurations are not identical.
D.
The cluster IDs do not match.
Explanation:
Wrong answer, no FXP interface output, it should be answer A.
I would say that B is correct.
The reason being, when you put an SRX240 into a cluster, ge-0/0/0 is hard allocated to fxp0 (management) and ge-0/0/1 is hard allocated to fxp1 (control). When there is existing configuration on ge-0/0/0 and/or ge-0/0/1 there is an issue because the interfaces are already assigned normal configuration and so the cluster control link will not work.
It also wouldn’t care whether there is fxp0 configuration or not since fxp0 is only for the node management.
New JN0-696 Exam Questions and Answers Updated Recently (28/Apr/2016):
NEW QUESTION 41
Click the Exhibit button. You are implementing a high availability chassis cluster on an SRX Series device. You would like to manage both devices through the J-Web utility. However, when you try to log in to the second device using SSL HTTP, you receive a message from your Web browser indicating that the message has timed out.
IMAGE URL: examgod.com/plimages/d2ef7e726601_E9DD/411_thumb.jpg
Why you are receiving this message?
A. There is a firewall policy blocking traffic to the control plane.
B. HTTP is not configured as host inbound traffic.
C. The incoming traffic is not being allowed on the correct port.
D. The rdp daemon is on standby on the secondary device.
Answer: A
NEW QUESTION 42
A customer downloaded and installed the IDP policy template. After copying the recommended templates and creating the needed policy, the customer deleted the templates. After the commit, the templates return. Which command will prevent the templates from appearing again?
A. user@srx# deactivate security idp active-policy Recommended
B. user@srx# delete security idp idp-policy Recommended
C. user@srx# set security idp security-package automatic
D. user@srx# deactivate system scripts commit file templates.xsl
Answer: D
Explanation:
Delete or deactivate the commit script file. By deleting the commit script file, you avoid the risk of overwriting modifications to the template when you commit the configuration. Run one of the following commands:
user@host# delete system scripts commit file templates.xsl
user@host# deactivate system scripts commit file templates.xsl
juniper.net/documentation/en_US/junos12.1×47/topics/task/configuration/idp-predefined-policytemplate-downloading-and-using-cli.html
NEW QUESTION 43
You have an SRX branch device with two ISP connections. During analysis of the traffic, you notice that traffic from internal users to ISP 1 are replied to by ISP 2. Which two configurations will correct the asymmetric problem? (Choose two.)
A. Create a security policy to allow traffic through ISP 1 only.
B. Create routing instances that include routes to ISP 1 and ISP 2.
C. Configure filter-based forwarding to provide load balancing.
D. Create an interface-specific firewall filter to forward the traffic to ISP 1.
Answer: AB
NEW QUESTION 44
You are asked to update the IDP signature database. After you issue the request security IDP security-package download command, you need to monitor the process. Which command would you use to accomplish this task?
A. request security idp security-package download status
B. request security idp security-package download full-update
C. request security idp security-package install
D. request security idp security-package install status
Answer: A
Explanation:
Use the following command: root# run request security idp security-package download status
kb.juniper.net/InfoCenter/index?page=content&id=KB28004&actp=search
NEW QUESTION 45
You are requested to verify that the UTM service is running on the SRX Series device. Which command will accomplish this task?
A. show security utm status
B. run show security utm web-filtering statistics
C. run show security utm status
D. show security utm session
Answer: A
Explanation:
To verify the UTM service status, from operational mode, enter the show security utm status command.
juniper.net/documentation/en_US/junos12.1×47/topics/example/security-utm-enhanced-webfiltering-site-reputation-action-configuring.html
NEW QUESTION 46
Click the Exhibit button. You are reviewing the status of a high-end SRX Series chassis cluster and notice that some interfaces have error messages.
IMAGE URL: examgod.com/plimages/d2ef7e726601_E9DD/461_thumb.jpg
Referring to the exhibit, which two steps would you use to troubleshoot the problem? (Choose two.)
A. Verify the security policies for incoming traffic.
B. Verify if there are Layer 1 or Layer 2 issues between the node devices.
C. Recognize the control link port to a different Services Processing Card (SPC), move the cable, and rebootboth nodes.
D. Reconfigure the firewall filters to allow traffic.
Answer: BC
Explanation:
B: If the Control Link is SFP-type port, change the transceiver on both ends. Ensure that the transceivers are same type (LX, SX, etc.) and that they are Juniper-branded parts.
C: Change the cable that you are using for control link. Is the interface link light GREEN now?
Yes – Previous link cable was faulty. Recommend to now reboot both the nodes simultaneously.
kb.juniper.net/InfoCenter/index?page=content&id=kb20698&actp=search
NEW QUESTION 47
……
P.S. These New JN0-696 Exam Questions Were Just Updated From The Real JN0-696 Exam, You Can Get The Newest JN0-696 Dumps In PDF And VCE From — http://bitly.com/jn0-696-exam-dumps (75q)
Good Luck !!!