headers
Ben Dale | 2 Jan 2006 12:02
Picon

Re: activating per-rule match counters?"

Hi there,

Until Juniper implement this feature, if you add logging to all your
policies you can run the following:

ns500-> get log traffic policy 3 | inc "Total Entries"
Total entries matched = 51

Cheers,

Ben

> Hi,
> is there an easy way to extract per-rule (== per-policy)
> match counters from the netscreen? I'm looking for
> the kind of data that is shown next to each access-list
> on a Cisco router when you issue the "show ip access-list"?
>Thanks,
>Avishai
Permalink | Reply | 2 comments |
headers
Robert Oschwald | 2 Jan 2006 15:23
Picon
Favicon

Juniper Security Bulletin PSN-2005-11-007: Which versions are affected?

Dear all,
 
I'm curious about the security bulletin of Juniper regarding the IKE flaw.
It doesn't state which versions of ScreenOS are affected, only to update to Version 5.0.0r10d for 5XP to 5400 Firewalls.
 
What about 4.x users?
What about 5.1, 5.2 and 5.3 Version installations?
 
Has anyone informations regarding this?
 
The Bulletin can be found here:
 
 
 
Robert
<div>
<div><span class="129452014-02012006">Dear 
all,</span></div>
<div>
<span class="129452014-02012006"></span>&nbsp;</div>
<div><span class="129452014-02012006">I'm curious about 
the security bulletin of Juniper regarding the IKE flaw.</span></div>
<div><span class="129452014-02012006">It doesn't state 
which versions of ScreenOS are affected, only to update to Version 5.0.0r10d for 
5XP to 5400 Firewalls.</span></div>
<div>
<span class="129452014-02012006"></span>&nbsp;</div>
<div><span class="129452014-02012006">What about 4.x 
users?</span></div>
<div><span class="129452014-02012006">What about 5.1, 5.2 
and 5.3 Version installations?</span></div>
<div>&nbsp;</div>
<div><span class="129452014-02012006">Has anyone 
informations regarding this?</span></div>
<div>
<span class="129452014-02012006"></span>&nbsp;</div>
<div><span class="129452014-02012006">The Bulletin can be 
found here:</span></div>
<div><span class="129452014-02012006"><a href="https://www.juniper.net/support/security/alerts/PSN-2005-11-007.txt">https://www.juniper.net/support/security/alerts/PSN-2005-11-007.txt</a></span></div>
<div>
<span class="129452014-02012006"></span>&nbsp;</div>
<div>
<span class="129452014-02012006"></span>&nbsp;</div>
<div>
<span class="129452014-02012006"></span>&nbsp;</div>
<div><span class="129452014-02012006">Robert</span></div>
</div>
Permalink | Reply | 0 comments |
headers
Gaston | 3 Jan 2006 16:45
Favicon

Vpn monitoring questions

Hello,

I have a question regarding route based vpn monitoring for Lan to Lan tunnels. 

When we configure VPN monitoring, the documentation tells that whithout specifying a source interface
and a destination, the netscreen send pings to remote untrust interface from local untrust interface. 

And if the "rekey" option is selected, then it automatically sends pings "to ensure that tunnel is always up".

But in that last case, don't we have to specify vpn monitoring from the trust interface to the remote trust
interface in order to trigger ike rekeying? The documentation says rekeying works with default source
and destination pings. But I do not understand how. I believe we *must* specify trust zone sources and
destinations. Am I wrong?

Thanks for your advices,

Accédez au courrier électronique de La Poste : www.laposte.net ;
Jusqu'au 25 décembre, participez  au grand jeu du Calendrier de l'Avent et
 gagnez tous les jours de nombreux lots, + de 300 cadeaux en jeu !
Permalink | Reply | 0 comments |
headers
Tim Provencio | 4 Jan 2006 19:55

Dest NAT from non-Trust (Checkpoint Replacement)

We were using a Checkpoint (Nokia IP330) for several years and were
able to have a "virtual subnet" of proxy arp addresses that were
redirects to external addresses. Why would this be necessary? Well,
because we have a good number of offsite locations, and instead of
having all of the remote offices in the access lists of each customer,
we give the customer one external address to allow in, and then "pipe"
all traffic through our central location and have it exit as if were
coming from our central location.

For example purposes, I create a bunch of bogus IP ranges/addresses...
we'll say that 192.168.0/24 is our main office subnet and all traffic
leaves there as 1.2.3.4. We also have a remote office which will be
192.168.1/24, whose external IP is 4.3.2.1. Then, representing a
second internal "virtual subnet" (my terminology only) is
192.168.99/24 which has 192.168.99.1 as the secondary IP on the inside
of the NetScreen (primary IP of 192.168.0.1.) Then there are the
addresses such as 192.168.99.10 that "wormhole" out to external
addresses at our customers represented as 12.34.56.78, etc.

So, I realized I couldn't just add addresses to the new NetScreen 25
(5.1.0 firmware) in the same manner as I did on the Checkpoint, so I
did all the nat-dst stuff. It's working great using an intra-zone
trust-trust policy as the NS 25 is answering ARP requests for the .99
addresses, and internal users are able to hit the .99 stuff (e.g. a
user who is at 192.168.0.100 can SSH to 192.168.99.10 and connects,
but in all reality, he is connecting to 12.34.56.78.) This is great
and it showed me I could "kind of" do it.

But, the whole reason we did this in the first place, was for the
remotes (all running NS-5s with 5.0.0 firmwares.) Say the person
residing in the 192.168.1 remote network tries to SSH to 12.32.56.78.
Well that customer has 1.2.3.4 in his access list and denies the
remote office that shows up as 4.3.2.1. So, we added this "virtual
subnet" to the central office Checkpoint and the guy residing in the
192.168.1 remote network tries to connect to 192.168.99.10 and his
NetScreen tunnels him over to the main office to get to 192.168.99.10
(as there is a policy for both 192.168.0/24 and 192.168.99/24 to be
tunneled to the main location) and then he is set out via 1.2.3.4 and
is allowed into the customers network.

This has been fine when we were all NetScreen remotes and Checkpoint
central location. Now that we are all NetScreen I've had to rig up
something to host the 192.168.99 addresses and "bounce" the
connections out through the main Netscreen. The Checkpoint drive
cratered and we'd wanted to move "forward" a long time and this was a
great excuse and we weren't going pass up the chance.  While I didn't
like doing this kludge, it allowed us to get out from under the Nokia
box and I figured that there just had to be a way to do this with the
NetScreen.

Now I am desperately hoping I can put all this stuff back onto one box
and eliminate the aforementioned kludge. While this works great for
local people (for which it really is unnecessary), the missing piece
of the puzzle for me is how do I get those people coming in from other
192.168.x/24 subnets behind other NetScreen devices and tunneled in to
the main one, to be able to hit that 192.168.99/24 subnet and allowed
through with policies. For example, the 192.168.1/24 isn't "Trust" and
I can't seem to build a policy that works with the destination nat
stuff for addresses on the "virtual subnet" of 192.168.99/24

I greatly appreciate and look forward to any insight anyone can
provide.  I already posted this to the NetScreen forums a while back
with no luck.

TIA,
Tim
Permalink | Reply | 501 comments |
headers
Priit Sarv | 5 Jan 2006 09:44
Picon

Re: Dest NAT from non-Trust (Checkpoint Replacement)

Try route-based VPN-s.
P
On Wednesday 04 January 2006 20:55, Tim Provencio wrote:
> We were using a Checkpoint (Nokia IP330) for several years and were
> able to have a "virtual subnet" of proxy arp addresses that were
> redirects to external addresses. Why would this be necessary? Well,
> because we have a good number of offsite locations, and instead of
> having all of the remote offices in the access lists of each customer,
> we give the customer one external address to allow in, and then "pipe"
> all traffic through our central location and have it exit as if were
> coming from our central location.
>
> For example purposes, I create a bunch of bogus IP ranges/addresses...
> we'll say that 192.168.0/24 is our main office subnet and all traffic
> leaves there as 1.2.3.4. We also have a remote office which will be
> 192.168.1/24, whose external IP is 4.3.2.1. Then, representing a
> second internal "virtual subnet" (my terminology only) is
> 192.168.99/24 which has 192.168.99.1 as the secondary IP on the inside
> of the NetScreen (primary IP of 192.168.0.1.) Then there are the
> addresses such as 192.168.99.10 that "wormhole" out to external
> addresses at our customers represented as 12.34.56.78, etc.
>
> So, I realized I couldn't just add addresses to the new NetScreen 25
> (5.1.0 firmware) in the same manner as I did on the Checkpoint, so I
> did all the nat-dst stuff. It's working great using an intra-zone
> trust-trust policy as the NS 25 is answering ARP requests for the .99
> addresses, and internal users are able to hit the .99 stuff (e.g. a
> user who is at 192.168.0.100 can SSH to 192.168.99.10 and connects,
> but in all reality, he is connecting to 12.34.56.78.) This is great
> and it showed me I could "kind of" do it.
>
> But, the whole reason we did this in the first place, was for the
> remotes (all running NS-5s with 5.0.0 firmwares.) Say the person
> residing in the 192.168.1 remote network tries to SSH to 12.32.56.78.
> Well that customer has 1.2.3.4 in his access list and denies the
> remote office that shows up as 4.3.2.1. So, we added this "virtual
> subnet" to the central office Checkpoint and the guy residing in the
> 192.168.1 remote network tries to connect to 192.168.99.10 and his
> NetScreen tunnels him over to the main office to get to 192.168.99.10
> (as there is a policy for both 192.168.0/24 and 192.168.99/24 to be
> tunneled to the main location) and then he is set out via 1.2.3.4 and
> is allowed into the customers network.
>
> This has been fine when we were all NetScreen remotes and Checkpoint
> central location. Now that we are all NetScreen I've had to rig up
> something to host the 192.168.99 addresses and "bounce" the
> connections out through the main Netscreen. The Checkpoint drive
> cratered and we'd wanted to move "forward" a long time and this was a
> great excuse and we weren't going pass up the chance.  While I didn't
> like doing this kludge, it allowed us to get out from under the Nokia
> box and I figured that there just had to be a way to do this with the
> NetScreen.
>
> Now I am desperately hoping I can put all this stuff back onto one box
> and eliminate the aforementioned kludge. While this works great for
> local people (for which it really is unnecessary), the missing piece
> of the puzzle for me is how do I get those people coming in from other
> 192.168.x/24 subnets behind other NetScreen devices and tunneled in to
> the main one, to be able to hit that 192.168.99/24 subnet and allowed
> through with policies. For example, the 192.168.1/24 isn't "Trust" and
> I can't seem to build a policy that works with the destination nat
> stuff for addresses on the "virtual subnet" of 192.168.99/24
>
> I greatly appreciate and look forward to any insight anyone can
> provide.  I already posted this to the NetScreen forums a while back
> with no luck.
>
> TIA,
> Tim
> _______________________________________________
> nn mailing list
> nn <at> qorbit.net
> http://qorbit.net/mailman/listinfo/nn
Permalink | Reply | 501 comments |
headers
Steve Cooper | 5 Jan 2006 15:32
Favicon

Re: ScreenOS 5.3 and Avaya Handsets

Just got this incase anyone's interested.
Cheers,
Steve
 
Dear customer, The known issue that you are referring to (54221 - When using an Avaya IP Phone, the device may fail when the Avaya phone restarts) has been resolved and the fix will be included in screenos 5.3r3. 5.3r3 is currently planned for release in March 2006. Sometimes the release schedule is postponed a bit, but anyway, the fix will be included. When 5.3 is released it will be available for download from our website. The root cause of the issue and the solution is stated here: Root Cause: vlan id=0 will cause invalid pointer reference. Solution: add sanity check before accepting the frame. This means that the Avaya phone on startup sends out an ethernet frame with vlan id 0. This can crash the netscreen. By the way, untill now this issue is only observed in 5GT firewalls. It might not happen in your NS500's, but we can cannot guarantee that. I hope this is enough information for you. If you have any more questions or if you want to close this case, just let me know. Kind regards, Casper Rijnders

From: nn-bounces <at> qorbit.net [mailto:nn-bounces <at> qorbit.net] On Behalf Of Steve Cooper
Sent: 13 December 2005 14:37
To: nn <at> qorbit.net
Subject: [nn] ScreenOS 5.3 and Avaya Handsets

Hi all,
 
Anyone using 5.3 with Avaya handsets?
Just reading the release notes on ScreenOS 5.3.0r1 and read this on the known problems:
 
54221 – When using an Avaya IP Phone, the device may fail when the Avaya phone restarts.

Anyone any idea what this actually means?

Cheers,

Steve

 
 

Steve Cooper

Xchanging

Endeavour Drive

Basildon

Essex

SS14 3WF · UK

 

Direct Line:             +44 (0)1268 643777

Mobile:                     +44 (0)7796 442454

Switchboard:            +44 (0)1268 643700

Facsimile:                 +44 (0)1268 271587

Email                        steve.cooper <at> xchanging.com

Website:                   www.xchanging.com

 

CONFIDENTIALITY NOTICE

The contents of this e-mail are confidential to the ordinary user of the e-mail address to which it was addressed and may also be privileged.  If you are not the addressee of this e-mail you may not copy, forward, disclose or otherwise use it or any part of it in any form whatsoever.  If you have received this e-mail in error please e-mail the sender by replying to this message.

 
 
<div>
<div dir="ltr" align="left"><span class="288543114-05012006">Just got this incase anyone's interested. 
</span></div>
<div dir="ltr" align="left"><span class="288543114-05012006">Cheers, </span></div>
<div dir="ltr" align="left"><span class="288543114-05012006">Steve</span></div>
<div dir="ltr" align="left">
<span class="288543114-05012006"></span>&nbsp;</div>
<div dir="ltr" align="left"><span class="288543114-05012006">Dear customer,

The known issue that you are referring to (54221 - When using an Avaya IP Phone, the
device may fail when the Avaya phone restarts) has been resolved and the fix will be
included in screenos 5.3r3. 

5.3r3 is currently planned for release in March 2006. Sometimes the release schedule is
postponed a bit, but anyway, the fix will be included. When 5.3 is released it will be
available for download from our website.

The root cause of the issue and the solution is stated here:

Root Cause: vlan id=0 will cause invalid pointer reference.
Solution: add sanity check before accepting the frame.

This means that the Avaya phone on startup sends out an ethernet frame with vlan id 0.
This can crash the netscreen.
By the way, untill now this issue is only observed in 5GT firewalls. It might not happen
in your NS500's, but we can cannot guarantee that.

I hope this is enough information for you. If you have any more questions or if you want
to close this case, just let me know.

Kind regards,
Casper Rijnders
</span></div>
<br><div class="OutlookMessageHeader" lang="en-us" dir="ltr" align="left">
From: nn-bounces <at> qorbit.net 
[mailto:nn-bounces <at> qorbit.net] On Behalf Of Steve Cooper<br>Sent: 
13 December 2005 14:37<br>To: nn <at> qorbit.net<br>Subject: [nn] 
ScreenOS 5.3 and Avaya Handsets<br><br>
</div>
<div></div>
<div><span class="891073314-13122005">Hi 
all,</span></div>
<div>
<span class="891073314-13122005"></span>&nbsp;</div>
<div><span class="891073314-13122005">Anyone using 5.3 
with Avaya handsets? </span></div>
<div><span class="891073314-13122005">Just reading the 
release notes on ScreenOS 5.3.0r1 and read this on the known 
problems:</span></div>
<div>
<span class="891073314-13122005"></span>&nbsp;</div>
<div><span class="891073314-13122005">54221 &ndash; When using an Avaya IP Phone, the device may fail when the Avaya 
phone<span class="891073314-13122005"> </span>restarts.</span></div>
<div>
<p align="left"><span class="891073314-13122005">Anyone any 
idea what this actually means?</span></p>
<p align="left"><span class="891073314-13122005">Cheers,</span></p>
<p align="left"><span class="891073314-13122005">Steve</span></p>
</div>
<div>&nbsp;</div>
<div align="left">&nbsp; 
<p class="section1" align="left"><span lang="EN-GB">Steve Cooper</span></p>
<p class="section1"><span lang="EN-GB">Xchanging</span></p>
<p class="section1"><span lang="EN-GB">Endeavour 
Drive</span></p>
<p class="section1"><span lang="EN-GB">Basildon</span></p>
<p class="section1"><span lang="EN-GB"><span lang="EN-GB">Essex</span></span></p>
<p class="section1"><span lang="EN-GB"><span lang="EN-GB"></span>SS14 3WF &middot; 
</span><span lang="EN-GB">UK</span></p>
<p class="section1"><span lang="EN-GB"></span>&nbsp;</p>
<p class="section1"><span lang="EN-GB">Direct Line:<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span>+44 
(0)1268 643777</span></p>
<p class="section1"><span lang="EN-GB">Mobile</span><span lang="EN-GB">:<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
</span>+44 (0)7796 442454</span></p>
<p class="section1"><span lang="EN-GB">Switchboard:<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
</span>+44 (0)1268 643700</span></p>
<p class="section1"><span lang="EN-GB"></span><span lang="EN-GB">Facsimile:<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
</span>+44 (0)1268 271587</span></p>
<p class="section1"><span>Email<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
</span><a title="mailto:steve.cooper <at> xchanging.com" href="blocked::mailto:steve.cooper <at> xchanging.com">steve.cooper <at> xchanging.com</a></span></p>
<p class="section1"><span>Website:<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
</span></span><span lang="EN-GB"><a title="http://www.xchanging.com/" href="blocked::http://www.xchanging.com/"><span lang="EN-US" title="http://www.xchanging.com/">www.xchanging.com</span></a> </span></p>
<p class="section1"><span></span>&nbsp;</p>
<p class="section1"><span lang="EN-GB">CONFIDENTIALITY NOTICE</span></p>
<p class="section1"><span>The 
contents of this e-mail are confidential to the ordinary user of the e-mail 
address to which it was addressed and may also be privileged.&nbsp; If you are 
not the addressee of this e-mail you may not copy, forward, disclose or 
otherwise use it or any part of it in any form whatsoever.&nbsp; If you have 
received this e-mail in error please e-mail the sender by replying to this 
message.</span></p>
<div>&nbsp;</div>
</div>
<div>&nbsp;</div>
</div>
Permalink | Reply | 2 comments |
headers
Jeremy Stinson | 5 Jan 2006 16:50
Picon
Favicon

Silly 5gt question

Hello all,
 
I have a silly NS 5GT question. I lost the power cord for my 5gt and I want to order a new one but the price sheet has two listed (Linear Power supply and Switching Power supply). Does anyone which one is the correct one for a US NS 5gt?
 
Thanks in advance.

Jeremy
<div>
<div>Hello all,</div>
<div>&nbsp;</div>
<div>I have a silly NS 5GT question. I lost the power 
cord for my 5gt and I want to order a new one but the price sheet has two listed 
(Linear Power supply and Switching Power supply). Does anyone which one is the 
correct one for a US NS 5gt?</div>
<div>&nbsp;</div>
<div>Thanks in advance.</div>
<div>
<br>Jeremy</div>
</div>
Permalink | Reply | 0 comments |
headers
Dieter Badmann | 5 Jan 2006 16:57

Re: Silly 5gt question

hi,
 
normaly you'll need the switching power-supply for AC-Power.
 
 
cheers,
 
dieter
 
 
Original Message     
   processed by David InfoCenter 
Subject: 
[nn] Silly 5gt question (05-Jan-2006 16:52)
From:    
To:      
 
Hello all,
 
I have a silly NS 5GT question. I lost the power cord for my 5gt and I want to order a new one but the price sheet has two listed (Linear Power supply and Switching Power supply). Does anyone which one is the correct one for a US NS 5gt?
 
Thanks in advance.

Jeremy


To: laxplayer <at> earthlink.net
    nn <at> qorbit.net
<div>
<div>hi,</div>
<div>&nbsp;</div>
<div>normaly you'll need the 
switching power-supply for AC-Power.</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>cheers,</div>
<div>&nbsp;</div>
<div>dieter</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<blockquote>
  <table cellspacing="0" cols="3" cellpadding="0" width="99%" border="0"><tr bordercolor="#dfdfdf" bordercolorlight="#dfdfdf" bgcolor="#dfdfdf">
<td width="140" colspan="2" height="22">
        <div>Original 
        Message&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</div>
</td>
      <td align="right">
        <div>
        <div>&nbsp;&nbsp;&nbsp;processed by David 
        InfoCenter&nbsp;</div>
</div>
</td>
</tr></table>
<table cellspacing="0" cols="2" cellpadding="0" width="99%" border="0">
<tr>
<td width="68" bgcolor="#efefef" height="18">
        <div>Subject:&nbsp;</div>
</td>
      <td bgcolor="#ffffff">
        <div>[nn] Silly 5gt question (05-Jan-2006 
        16:52)</div>
</td>
</tr>
<tr>
<td width="68" bgcolor="#efefef" height="18">
        <div>From:&nbsp;&nbsp;&nbsp;&nbsp;</div>
</td>
      <td bgcolor="#ffffff">
        <div><a href="mailto:laxplayer <at> earthlink.net">Jeremy Stinson 
        &lt;laxplayer <at> earthlink.net&gt;</a></div>
</td>
</tr>
<tr>
<td width="68" bgcolor="#efefef" height="17">
        <div>To:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</div>
</td>
      <td bgcolor="#ffffff">
        <div><a href="mailto:d.badmann <at> kroha-heinze.net">d.badmann <at> kroha-heinze.net</a></div>
</td>
</tr>
</table>
<div>&nbsp;</div>
  <div>Hello all,</div>
  <div>&nbsp;</div>
  <div>I have a silly NS 5GT question. I lost the power 
  cord for my 5gt and I want to order a new one but the price sheet has two 
  listed (Linear Power supply and Switching Power supply). Does anyone which one 
  is the correct one for a US NS 5gt?</div>
  <div>&nbsp;</div>
  <div>Thanks in advance.</div>
  <div>
<br>Jeremy</div>
</blockquote>
<div>
<br><br>To: laxplayer <at> earthlink.net<br>&nbsp;&nbsp;&nbsp;&nbsp;nn <at> qorbit.net<br>
</div>
</div>
Permalink | Reply | 501 comments |
headers
mahesh | 5 Jan 2006 17:38
Picon

Re: Silly 5gt question

Not wanting to open a long debate here but as I understand a switching power supply and a linear power supply are both AC.  The former switches the load rapidly on and off to regulate the output voltage.

 

But that said I can only see one part no for a US power supply: - http://juniper.net/products/integrated/dsheet/110034.pdf.

 

-Mahesh

 

 

From: nn-bounces <at> qorbit.net [mailto:nn-bounces <at> qorbit.net] On Behalf Of Dieter Badmann
Sent: 05 January 2006 15:58
To: laxplayer <at> earthlink.net; nn <at> qorbit.net
Subject: Re: [nn] Silly 5gt question

 

hi,

 

normaly you'll need the switching power-supply for AC-Power.

 

 

cheers,

 

dieter

 

 

Original Message     

   processed by David InfoCenter 

 

Subject: 

[nn] Silly 5gt question (05-Jan-2006 16:52)

From:    

To:      

 

Hello all,

 

I have a silly NS 5GT question. I lost the power cord for my 5gt and I want to order a new one but the price sheet has two listed (Linear Power supply and Switching Power supply). Does anyone which one is the correct one for a US NS 5gt?

 

Thanks in advance.


Jeremy



To: laxplayer <at> earthlink.net
    nn <at> qorbit.net

<div>

<div class="Section1">

<p class="MsoNormal"><span>Not wanting to open a long debate here but
as I understand a switching power supply and a linear power supply are both AC.
&nbsp;The former switches the load rapidly on and off to regulate the output
voltage.<p></p></span></p>

<p class="MsoNormal"><span><p>&nbsp;</p></span></p>

<p class="MsoNormal"><span>But that said I can only see one part no
for a US
power supply: - <a href="http://juniper.net/products/integrated/dsheet/110034.pdf">http://juniper.net/products/integrated/dsheet/110034.pdf</a>.<p></p></span></p>

<p class="MsoNormal"><span><p>&nbsp;</p></span></p>

<p class="MsoNormal"><span>-Mahesh<p></p></span></p>

<p class="MsoNormal"><span><p>&nbsp;</p></span></p>

<p class="MsoNormal"><span><p>&nbsp;</p></span></p>

<div>

<div>

<div class="MsoNormal" align="center"><span lang="EN-US">

</span></div>

<p class="MsoNormal"><span lang="EN-US">From:</span><span lang="EN-US">
nn-bounces <at> qorbit.net [mailto:nn-bounces <at> qorbit.net] <span>On Behalf Of </span>Dieter Badmann<br><span>Sent:</span> 05 January 2006 15:58<br><span>To:</span> laxplayer <at> earthlink.net;
nn <at> qorbit.net<br><span>Subject:</span> Re: [nn] Silly 5gt
question</span><span lang="EN-US"><p></p></span></p>

</div>

<p class="MsoNormal"><span><p>&nbsp;</p></span></p>

<div>

<p class="MsoNormal"><span>hi,<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>&nbsp;<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>normaly you'll
need the switching power-supply for AC-Power.<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>&nbsp;<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>&nbsp;<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>cheers,<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>&nbsp;<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>dieter<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>&nbsp;<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>&nbsp;<p></p></span></p>

</div>

<blockquote>

<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="99%" cols="3"><tr height="22" bordercolor="#dfdfdf" bordercolorlight="#dfdfdf">
<td width="140" height="22" bgcolor="#DFDFDF">
  <div>
  <p class="MsoNormal"><span>Original
  Message&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<p></p></span></p>
  </div>
  </td>
  <td height="22" bgcolor="#DFDFDF">
  <div>
  <div>
  <p class="MsoNormal" align="right"><span>&nbsp;&nbsp;&nbsp;processed by David InfoCenter</span><span>&nbsp;<p></p></span></p>
  </div>
  </div>
  </td>
 </tr></table>
<p class="MsoNormal"><span><p>&nbsp;</p></span></p>

<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="99%" cols="2">
<tr height="18">
<td width="68" height="18" bgcolor="#EFEFEF">
  <div>
  <p class="MsoNormal"><span>Subject:&nbsp;<p></p></span></p>
  </div>
  </td>
  <td height="18" bgcolor="white">
  <div>
  <p class="MsoNormal"><span>[nn] Silly 5gt
  question (05-Jan-2006 16:52)<p></p></span></p>
  </div>
  </td>
 </tr>
<tr height="18">
<td width="68" height="18" bgcolor="#EFEFEF">
  <div>
  <p class="MsoNormal"><span>From:&nbsp;&nbsp;&nbsp;&nbsp;<p></p></span></p>
  </div>
  </td>
  <td height="18" bgcolor="white">
  <div>
  <p class="MsoNormal"><span><a href="mailto:laxplayer <at> earthlink.net">Jeremy Stinson
  &lt;laxplayer <at> earthlink.net&gt;</a><p></p></span></p>
  </div>
  </td>
 </tr>
<tr height="17">
<td width="68" height="17" bgcolor="#EFEFEF">
  <div>
  <p class="MsoNormal"><span>To:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<p></p></span></p>
  </div>
  </td>
  <td height="17" bgcolor="white">
  <div>
  <p class="MsoNormal"><span><a href="mailto:d.badmann <at> kroha-heinze.net">d.badmann <at> kroha-heinze.net</a><p></p></span></p>
  </div>
  </td>
 </tr>
</table>
<div>

<p class="MsoNormal"><span>&nbsp;<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>Hello all,</span><p></p></p>

</div>

<div>

<p class="MsoNormal"><span>&nbsp;<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>I have a silly NS 5GT question. I lost the power cord for my
5gt and I want to order a new one but the price sheet has two listed (Linear
Power supply and Switching Power supply). Does anyone which one is the correct
one for a US NS 5gt?</span><p></p></p>

</div>

<div>

<p class="MsoNormal"><span>&nbsp;<p></p></span></p>

</div>

<div>

<p class="MsoNormal"><span>Thanks in advance.</span><p></p></p>

</div>

<div>

<p class="MsoNormal"><span><br>
Jeremy</span><p></p></p>

</div>

</blockquote>

<div>

<p class="MsoNormal"><span><br><br>
To: laxplayer <at> earthlink.net<br>
&nbsp;&nbsp;&nbsp;&nbsp;nn <at> qorbit.net<p></p></span></p>

</div>

</div>

</div>

</div>
Permalink | Reply | 501 comments |
headers
Alaa Sukarieh | 6 Jan 2006 00:27
Picon

Capicom.dll

Hey all;
Good news,
I have figured a way to extract the certificate from the Netscreen Remote client, thus using it to connect my linux box.
 
cheers
<div>
<div>Hey all;</div>
<div>Good news,</div>
<div>I have figured a way to extract&nbsp;the 
certificate from the Netscreen Remote client, thus using it to connect my linux 
box.</div>
<div>&nbsp;</div>
<div>cheers</div>
</div>
Permalink | Reply | 0 comments |

Gmane