Admittedly I am a Juniper novice but when I called J-TAC for support last week they started a utility I had never seen before. This happens a lot for me with Juniper so I did not think much of it. Then got to thinking about how useful a persistent traceroute is when it runs from the edge of our network. I then called J-TAC back and spoke with two other tech’s who both said they had no idea what that command was. After some digging the amazing JTAC staff provided the command and it has already helped me solve a few issues.
Below is the command to bring up a persistent TraceRt on a Juniper SRX Firwall
- Get PUTTY.EXE from the usual SOFTWARE folder
- Type <name or IP of your Juniper SRX firewall> in the HOSTNAME field and click OPEN
- Press ENTER once or twice to kick the SRX
- Login with root and <whatever your password is>
- Type CLI and press enter
- Type traceroute monitor 126.96.36.199
- That is one of GoDaddy’s servers in Houston but you could use 188.8.131.52 (Googles public DNS server) or any other IP
- Watch it dance.