cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Patrick_loves_Junos
Aspiring Contributor
3,167 Views
Message 11 of 18

Re: Juniper Router on BT Broadband Issues

Yes, that is exactly the behavior. It's some kind of default configuration, which has basic connectivity, and nothing else.

 

I tried "bthomehub@btbroadband.com" as the username (password "BT" or no password at all). I get the same behavior.

 

On a side note: now I started trying all sorts of usernames like "test@test.com" and I still get "CHAP success". However, with "test@test.com" it will then assign my router a private IP address (like 172.20.32.65) and I cannot get anywhere, even with ICMP. So the behavior with "bthomehub@btbroadband.com" is strictly superior Smiley Happy

 

So authentication not working/working improperly seems to be a good road to investigate. Does anyone know how we can get more details on this?

0 Ratings
licquorice
Distinguished Sage
Distinguished Sage
3,158 Views
Message 12 of 18

Re: Juniper Router on BT Broadband Issues

I guess the main problem is that the Juniper has any number of configurable parameters that are simply not viewable in the HH in order to compare. Trying to get the correct values from BT will be impossible (even if there is somebody that knows)

0 Ratings
Patrick_loves_Junos
Aspiring Contributor
3,153 Views
Message 13 of 18

Re: Juniper Router on BT Broadband Issues

Is there anyone out there that has gotten a Junos device to work on BT Broadband? Surely there must be? Can you share some configuration?

0 Ratings
ray_dorset
Distinguished Guru
3,122 Views
Message 14 of 18

Re: Juniper Router on BT Broadband Issues

http://futilefiles.com/blog/?p=478
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
If you found this post helpful, please click on the star on the left
If not, I'll try again 🙂
0 Ratings
Patrick_loves_Junos
Aspiring Contributor
3,108 Views
Message 15 of 18

Re: Juniper Router on BT Broadband Issues

Dear Ray,

 

That's pretty useful and I've been studying it in detail. However, this is for BT Infinity (which is PPPoE... I think that's probably easier to get to work). I'm on ADSL.Smiley Sad

 

There has to be someone out there that has an SRX device (or similar) on BT Broadband ADSL and that has managed to get that to work. Bueller, anyone?

 

 

0 Ratings
Pippin_uk
Beginner
3,018 Views
Message 16 of 18

Re: Juniper Router on BT Broadband Issues

Not sure if you ever for this working. But the problem is caused the maximum segment size. This needs to be lowered as per this article

https://www.juniper.net/techpubs/software/jseries/junos93/jseries-config-guide-basic/tcp-maximum-seg...

Set it to somewhere around 1450....

Cheers
0 Ratings
Pippin_uk
Beginner
3,015 Views
Message 17 of 18

Re: Juniper Router on BT Broadband Issues

This article is better:

 

http://www.juniper.net/techpubs/en_US/junos12.1/topics/example/session-tcp-maximum-segment-size-for-...

 

They suggest setting the MSS to 1300 - I would do that

0 Ratings
Patrick_loves_Junos
Aspiring Contributor
2,993 Views
Message 18 of 18

Re: Juniper Router on BT Broadband Issues

Yes, the MSS for TCP is key. I worked that out a while ago. Here is a working configuration for reference, if someone else ever runs into this problem.

 

## Working config for Juniper SRX210 on British Telecom (BT) ADSL (to replace BT HomeHub)
version 12.1X46-D15.3;
system {
host-name Router1;
time-zone GMT;
root-authentication {
encrypted-password "***********;
}
name-server {
213.120.234.30;
213.120.234.6;
}
login {
user MainAdmin {
full-name MainAdministrator;
uid 2002;
class super-user;
authentication {
encrypted-password "***********";
}
}
}
services {
ssh;
telnet;
xnm-clear-text;
web-management {
http {
interface vlan.0;
}
https {
system-generated-certificate;
interface vlan.0;
}
}
dhcp {
router {
192.168.1.1;
}
pool 192.168.1.0/24 {
address-range low 192.168.1.2 high 192.168.1.254;
}
propagate-settings ge-0/0/0.0;
}
}

max-configurations-on-flash 5;
max-configuration-rollbacks 5;
license {
autoupdate {
url https://ae1.juniper.net/junos/key_retrieval;
}
}
ntp {
server 95.81.173.155;
}
}
interfaces {
interface-range interfaces-trust {
member ge-0/0/1;
member ge-0/0/3;
member ge-0/0/4;
member ge-0/0/5;
member ge-0/0/6;
member ge-0/0/7;
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/0 {
unit 0 {
family inet {
dhcp;
}
}
}
ge-0/0/2 {
enable;
unit 0 {
family inet {
address 10.0.0.100/24;
}
}
}
at-1/0/0 {
description "DSL;";
mtu 1400;
encapsulation atm-pvc;
atm-options {
vpi 0;
}
dsl-options {
operating-mode auto;
}
unit 0 {
description Telecom_BT;
encapsulation atm-ppp-vc-mux;
vci 0.38;
ppp-options {
chap {
default-chap-secret "$9$0IA91IhlKW";
local-name "anything@btbroadband.com";
passive;
}
}
family inet {
negotiate-address;
}
}
}
lo0 {
unit 0 {
family inet {
address 127.0.0.1/32;
}
}
}
vlan {
unit 0 {
family inet {
address 192.168.1.1/24;
address 10.0.0.99/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop [ pp0.0 at-1/0/0.0 ];
metric 0;
}
}
}
protocols {
stp;
}
security {
flow {
tcp-mss {
all-tcp {
mss 1300;
}
}
}
screen {
ids-option untrust-screen {
icmp {
ping-death;
}
ip {
source-route-option;
tear-drop;
}
tcp {
syn-flood {
alarm-threshold 1024;
attack-threshold 200;
source-threshold 1024;
destination-threshold 2048;
timeout 20;
}
land;
}
}
}
nat {
source {
rule-set trust-to-untrust {
from zone trust;
to zone untrust;
rule source-nat-rule {
match {
source-address 0.0.0.0/0;
}
then {
source-nat {
interface;
}
}
}
}
}
}
policies {
from-zone trust to-zone untrust {
policy trust-to-untrust {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
}
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
vlan.0;
ge-0/0/2.0;
}
}
security-zone untrust {
screen untrust-screen;
host-inbound-traffic {
system-services {
telnet;
}
}
interfaces {
ge-0/0/0.0 {
host-inbound-traffic {
system-services {
dhcp;
tftp;
}
}
}
at-1/0/0.0;
}
}
}
}
wlan {
cluster vlan-0-default {
name juniper-ap-cluster;
default-cluster;
interfaces {
vlan.0;
}
}
}
vlans {
vlan-trust {
vlan-id 3;
l3-interface vlan.0;
}
}

0 Ratings