https://devdb.secteam.juniper.net/xmlexport.cgi set security forwarding-process application-services maximize-idp-sessions volume/ftp/private/systest/9.4 static { route 10.157.5.245/32 next-hop 10.157.64.1; route 207.17.137.227/32 next-hop 10.157.64.1; route 10.100.3.117/32 next-hop 10.157.64.1; route 6.0.0.0/8 next-hop 4.0.0.1; route 7.0.0.0/8 next-hop 5.0.0.1; route 20.20.20.20/32 next-hop 5.0.0.1; route 10.157.4.14/32 next-hop 10.157.64.1; } set routing-options static route 10.157.5.245/32 next-hop 10.157.64.1 >show config name-server { 192.168.5.68; 172.17.28.101; 172.17.28.100; } set system name-server 172.24.245.10 show service objcache show memory; show arena; show ser mum show usp mem show heap show usp mem-use show usp idp ipc counters show security monitoring To enable debug on SPU for policy push Enable debug - debug usp idp features subs enable - debug usp idp level debug - debug usp idp features policy enable - debug usp idp features ioctl enable More to add debug usp idp features flow enable debug usp idp features ioctl enable debug usp idp features subs enable debug usp idp features module enable debug usp idp features detector enable debug usp idp features policy enable debug usp idp level debug set usp idp const sc_sm_loopback 1 debug log - show usp flow trace 0 - show syslog messages debug ai debug usp idp qmodule appsig enable svn co https://10.155.191.244/svn/idp/viking --username wget http://10.155.191.245/idp/packages/run-3.4.10 set security idp sensor-configuration ssl-inspection sessions 10 set security idp sensor-configuration detector protocol-name SSL tunable-name sc_ssl_flags tunable-value 1 run request security idp ssl-inspection key add sslserver server 5.0.0.1 file /tmp/sslserver.key set security idp custom-attack cs1 severity major attack-type signature context stream direction client-to-server pattern ".*applidtest.*" protocol-binding application FTP set security idp custom-attack ai-http-test-1 severity info attack-type signature context http-get-url direction client-to-server pattern ".*juniper.*" set security idp custom-attack ai-ftp-test1 severity info attack-type signature context ftp-username direction client-to-server pattern ".*root.*" master controller: 10.155.239.30 10.155.232.3 10.155.250.107 +++++++++++ Loading balancing override go to the cp spu do a show usp spu mapping and note the listed spus then do set usp spu override