I guess the main problem is that the Juniper has any number of configurable parameters that are simply not viewable in the HH in order to compare. Trying to get the correct values from BT will be impossible (even if there is somebody that knows)

Is there anyone out there that has gotten a Junos device to work on BT Broadband? Surely there must be? Can you share some configuration?

Dear Ray,

That's pretty useful and I've been studying it in detail. However, this is for BT Infinity (which is PPPoE... I think that's probably easier to get to work). I'm on ADSL.

There has to be someone out there that has an SRX device (or similar) on BT Broadband ADSL and that has managed to get that to work. Bueller, anyone?

This article is better:

http://www.juniper.net/techpubs/en_US/junos12.1/topics/example/session-tcp-maximum-segment-size-for-...

They suggest setting the MSS to 1300 - I would do that

Yes, the MSS for TCP is key. I worked that out a while ago. Here is a working configuration for reference, if someone else ever runs into this problem.

## Working config for Juniper SRX210 on British Telecom (BT) ADSL (to replace BT HomeHub)
version 12.1X46-D15.3;
system {
host-name Router1;
time-zone GMT;
root-authentication {
encrypted-password "***********;
}
name-server {
213.120.234.30;
213.120.234.6;
}
login {
user MainAdmin {
full-name MainAdministrator;
uid 2002;
class super-user;
authentication {
encrypted-password "***********";
}
}
}
services {
ssh;
telnet;
xnm-clear-text;
web-management {
http {
interface vlan.0;
}
https {
system-generated-certificate;
interface vlan.0;
}
}
dhcp {
router {
192.168.1.1;
}
pool 192.168.1.0/24 {
address-range low 192.168.1.2 high 192.168.1.254;
}
propagate-settings ge-0/0/0.0;
}
}

max-configurations-on-flash 5;
max-configuration-rollbacks 5;
license {
autoupdate {
url https://ae1.juniper.net/junos/key_retrieval;
}
}
ntp {
server 95.81.173.155;
}
}
interfaces {
interface-range interfaces-trust {
member ge-0/0/1;
member ge-0/0/3;
member ge-0/0/4;
member ge-0/0/5;
member ge-0/0/6;
member ge-0/0/7;
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/0 {
unit 0 {
family inet {
dhcp;
}
}
}
ge-0/0/2 {
enable;
unit 0 {
family inet {
address 10.0.0.100/24;
}
}
}
at-1/0/0 {
description "DSL;";
mtu 1400;
encapsulation atm-pvc;
atm-options {
vpi 0;
}
dsl-options {
operating-mode auto;
}
unit 0 {
description Telecom_BT;
encapsulation atm-ppp-vc-mux;
vci 0.38;
ppp-options {
chap {
default-chap-secret "$9$0IA91IhlKW";
local-name "anything@btbroadband.com";
passive;
}
}
family inet {
negotiate-address;
}
}
}
lo0 {
unit 0 {
family inet {
address 127.0.0.1/32;
}
}
}
vlan {
unit 0 {
family inet {
address 192.168.1.1/24;
address 10.0.0.99/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop [ pp0.0 at-1/0/0.0 ];
metric 0;
}
}
}
protocols {
stp;
}
security {
flow {
tcp-mss {
all-tcp {
mss 1300;
}
}
}
screen {
ids-option untrust-screen {
icmp {
ping-death;
}
ip {
source-route-option;
tear-drop;
}
tcp {
syn-flood {
alarm-threshold 1024;
attack-threshold 200;
source-threshold 1024;
destination-threshold 2048;
timeout 20;
}
land;
}
}
}
nat {
source {
rule-set trust-to-untrust {
from zone trust;
to zone untrust;
rule source-nat-rule {
match {
source-address 0.0.0.0/0;
}
then {
source-nat {
interface;
}
}
}
}
}
}
policies {
from-zone trust to-zone untrust {
policy trust-to-untrust {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
}
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
vlan.0;
ge-0/0/2.0;
}
}
security-zone untrust {
screen untrust-screen;
host-inbound-traffic {
system-services {
telnet;
}
}
interfaces {
ge-0/0/0.0 {
host-inbound-traffic {
system-services {
dhcp;
tftp;
}
}
}
at-1/0/0.0;
}
}
}
}
wlan {
cluster vlan-0-default {
name juniper-ap-cluster;
default-cluster;
interfaces {
vlan.0;
}
}
}
vlans {
vlan-trust {
vlan-id 3;
l3-interface vlan.0;
}
}