Same physical interface for multiple logical systems in SRX4100
I am deploying SRX4100 in HA and there is a requirement of logical system but i have limited number of interface to use,I want to know if the device in HA and we have reth interface configured which...
View ArticleSetting up VPN btwn 2 x SRX 650 firewalls - Do all XPIM modules should be the...
I am setting up static VPN between two firewalls: Juniper SRX650-BASE-SRE6-645AP Services Gateways.Do all XPIM modules should match including number of ports or can we have: #1 SRX 650 firewall with 24...
View ArticleHelp for configuration review 2 WANS PPPOE srx300
Good morning, could you help me by giving a concept to my srx300 configuration, I have 2 PPPOE links but only the link that is on the Ge0 / 0/0 port works at its contracted speed, the link that is on...
View ArticleAnyone already test this new "Juniper Secure Connect remote access VPN"?
Hi all, Anyone here already test this new juniper feature / product? It support from junos ver 20.3 above. If anyone has test then any url for config reference?...
View ArticleJunos Space policy push error
Hi AllWhen I try to push the policy from Security Director to SRX4200 (18.4R3-S2) I received a below error:Can someone help?[Error] Configuration update failed. Severity : error At : [edit...
View ArticleI need firmware 12.1X46-D25 for SRX210
I have a SRX210 I am working with.to perform the upgrade to latest firmware I have to first install 12.1X46-D25.I have search all of Juniper.net and can't find a download link. Does anyone know how I...
View ArticleSRX - Traffic Selector - CPU Impact
Hi All,I'm in a task to configure a S2S VPN using traffic selector and proxy id in almost 10 firewalls. The customer is asking me to deploy almost 100 traffic selector and almost 100 proxy-id in a...
View ArticleSRX320 / JDHCP / VLAN
Hi everyone, I configured one of my ports with multiple VLAN's and a native VLAN.. I'm now trying to configure the JDHCP service, but whatever I do.. all my VLAN's receive the native VLAN DHCP...
View ArticleRMP History SRX
Hi there. I have an issue with history RPM probe-results. How do I clear the history probe results. I´ve been searching but I can´t find any solution. Maybe hidden command or only deactivate/activate...
View ArticleClustering Srx300
If I cluster 2 srx300's will the memory usage increase in anyway. Most desired would be 8gb. Does this happen?Are there any other benefits in terms of memory utilization when clustering srx boxes?All...
View ArticleStatic routing options are not Working in SRX-5800 Chassis Cluster FW
Hi,We deployed SRX-5800 in chassis-cluster mode1.Static routing options are not functioning in passive FW.2.GW next-hop is reachable.3.But in Active FW the static routes are working fine.Please find...
View ArticleSrx300 cluster issue with DHCP server wrong IP assigned irb
Not sure what is wrong with my configurationI can't figure out why vlan.2(irb.2) on port ge-1/0/3.0 provide different IP range instead 192.168.2.1/24 Anyone please can point the correct direction...
View ArticleInterface load per source ip/destination ip
Hi everyoneI have Juniper SRX 240, JUNOS 12.1X44-D35.5I am experiencing high interface loads.In this case, the Data Plaint CPU is above 90%.How can I see who is using the most traffic? How can I see...
View ArticleSRX 240h2 - Configure UTM Web Filtering
Guys, how are you? I don't know if this would be the right place, if I'm not sorry. I have an SRX240h2 and I know that it no longer updates and is at the end of its life. I need to configure UTM Web...
View Articlepublic ip behind srx320
Hi there, I need to assign a public ip to a server. I have a /29 public range and use NAT for other server but this one must be accessed by public ip address without NAT, in a internal/trust zone from...
View ArticleSource nat via interface with multiple subnets
Hi all, I am struggling with a Source-Nat rule. I have the following config for the outgoing interface:interfaces ge-0/0/1 flexible-vlan-tagging; native-vlan-id 10; unit 0 { vlan-id 10; family inet {...
View ArticleOne of the server not used interface source nat?
Hi all, I have something weird on srx5800 cluster and not sure is it normal or not. I have one server that have configure "destination nat" to that server. The ip segment for the destination nat is not...
View ArticleConfigured Cisco Umbrella on the Juniper
Greetings friends, has anyone configured Cisco Umbrella on the Juniper SRX 345, SRX 240?
View ArticleSRX Remote syslog tls
Hello, Is it possible to send remote syslog messages with TLS encryption to a remote syslog server like rsyslog? Does anyone have any configuration examples for this, so far I have only been able to...
View ArticlePort mirroring on a SRX430
Hello, Does port mirroring work on SRX340?I was tried to configure this feature based on this:https://kb.juniper.net/InfoCenter/index?page=content&id=KB21833but it doesn't work.I see that couter in...
View ArticleRT_FLOW APPTRACK_SESSION_VOL_UPDATE interpretation
I'm working to get security alerts set up between an SRX340 and Eventlog Analyzer SIEM.I've been getting alerts that look like this:Alert Name : Default Threat,Event Name : Application Access...
View ArticleSRX1500 SDWAN EHUB Routing
I've got an SRX1500 and SRX320 in an SDWAN POC The 1500 is configured for local breakout and has a breakout policy configured for the internet tag. The 320 connects to it fine as a spoke and there is a...
View ArticleSRX integration AD
Hi juniperIf i need to log on SRX that mapping userAD with IP adddress, Does user must joining on AD?
View ArticleSRX 5800
Can someone tell me what is the maximum multicast routes supported by SRX 5800?
View ArticleSRX 240H - Block access to the host within one vlan
Hi,I have vlan (WIFI) 192.168.20.0/24 and in it a lot of wifi user devices (phones, laptops, etc.) in the same network there is a wifi controller with the address: 192.168.20.x.Clients are connected to...
View ArticleClik here to view.
Help identify part on SRX-GP-16GE-POE
Please help identify what looks like 2 memory flash cards on the SRX-GP-16GE-POE board.This SRX-GP-16GE-POE 16 port (711-062271) was purchased and came without the 2 cards.See image attached (arrows...
View Articlesrx reboot
Good day, I am reading different posts over internet and confusion reigns over the exact sequence of rebooting srx cluster for updating srx software and if "no validate" should be used.please help to...
View ArticleUnable to SSH or SFTP to fxp0 interface
I cannot open an SFTP session or SSH to the fxp0.0 interface. I can ping it. I looked in the logs and I don't see that it is being blocked. Is there something I am missing?
View ArticleWeb Filtering
Guys, how are you? I would like help with the Juniper SRX300, is there a possibility to save or create a log of all the sites that are accessed? Collecting the IP of the Local machine. I have srx300...
View ArticleJ-Web Adobe Flash Dependency
Hey everyone. Adobe has been issuing warnings in its Adobe Flash updates. Google and Firefox has been showing a warning whenever I head over to a site that uses Flash. What's more, Google has had a...
View ArticleSecurity profile recommendation needed
I want to know if we create multiple logical systems in SRX4100 then is it must to define security profile for each user logical systems as well as for master logical logical.What will happen if i dont...
View ArticleClik here to view.
SRX1500 || Control Link em1 is not coming Up whereas em0 seems fine.
Hey Guys,I'm facing one issue of Control Link, post clustering of SRX1500. As per my understanding Chassis Clustering and RG are working fine. I can see the em0 in Up state but em1 is not reflecting in...
View ArticleAdminister multiple juniper srx300 devices
Hello everyone, everything good ? What do you use to manage multiple Junipers devices? I have 30 branches using the same SRX300 equipment, however it is very laborious to change a configuration in all....
View ArticleJN0-334 exam
hi allgot my exam this week any last minute study material pls do let me know
View ArticleDoes existing sessions timeout if the policy for the same is deleted
I have an application which continues to send traffic between the source and destination as long as the current session is not interrupted. This application was running using an any any rule between 2...
View ArticleNeed help setting up 2 VPNs on same interface
srx-345 with Junos 15.1X49-D170.4 I have a setup with a VPN tunnel on the external interface (ge-0/0/8.0). This is working fine. Now I want to setup a second tunnel to a different customer. I created...
View ArticleSRX240 H2 POE - Chassis control not running
Howdy, I see this has come up a few times in the past, and some have had success following the previously documented steps, but I have not. This is an eBay purchased device and was supposed kick off my...
View ArticleSRX 240H - Getting ip addresses only from DHCP (binding static) - others not
Hi, I'm newby and I'm learning all the time 🙂 I have the SRX 240H. Is it possible to somehow set DHPC - to provide ONLY addresses entered in Static Bindings.Scenario - there are Access Points (WIFI) on...
View ArticleSRX240H - WIFI - One vlan for several subnets
I have the SRX 240H. I would like to create one WIFI vlan, access points will be connected to it. But that students and staff and teachers will connect via wifi - I would like to separate it somehow...
View ArticleSRX240H - irb or multiple vlans
Hello, I'm a newbe and I'm just starting my adventure with SRX`s;) My hard: SRX 240H (JUNOS Software Release [12.1X44-D40.2]I would like to set up several subvilans or subnets on one physical...
View ArticleJuniper Configurator and Quote Tool
Hi Juniper Team, Where can I ask for a feature upgrade regarding our Juniper Configurator and Quote Tool?The tool straightforward for us to navigate. However, the tool is quite some time consuming as...
View ArticleSRX-JE VS SRX-JB
Hello,I can see that the SRX- SYS - JE includes Application security , so my question is what will be the benefit of this as the premium flex license includes this and the advanced one as well !
View ArticleSRX240H - mrtg monitoring bandwidth
Hi, Can I do bandwidth monitoring on SRX (like mrtg in Linux) like something like this.I know SRX has its own web server as well. Or maybe it can make SMNP packets available to the monitoring server...
View ArticleSRX345 lockdown aleatory
Hi to all,I have a customer who has an SRX345 box.Sometimes the device get frezzed an becomes inaccesible via icmp, web, etc... The device doesn't answer to any traffic via any interface and the...
View ArticleThird Party SecIntel Feed - Microsoft Updates
Hello, Regarding information from the Juniper documentation on SecIntel feeds https://www.juniper.net/documentation/en_US/release-independent/sky-atp/topics/concept/sky-atp-integrated-feeds.html Does...
View ArticleAre security profile mandatory for user logical system
I want to know if we create multiple user logical systems in SRX4100 then is it must to define security profile for each user logical systems as well as for master logical logical.What will happen if i...
View ArticleSrx 5400 how to restore from usb
Hello Long story short, srx 5400 crashed and went into boot loop. I took working snapshot to usb from another 5400 and booted faulty srx with usb, seems ok. But question is, how can i get content from...
View Articleerror: usp_ipc_client_recv: failed to read message from ipc pipe
Hi Does this message the same as issue described in this article?https://kb.juniper.net/InfoCenter/index?page=content&id=KB23977&cat=SRX_5800_1&actp=LIST admin@MY-FW> show security flow...
View Article(DUP!) ping response when pinging cCTV
We have a juniper router onsite and when pinging a cctv at site we are seeing below: execute ping 10.112.34.20PING 10.112.34.20 (10.112.34.20): 56 data bytes64 bytes from 10.112.34.20: icmp_seq=0...
View ArticleProblem with DHCP
Good afternoon!I have Juniper SRX220H, recently started a problem like this:Inside the local network, passive ftp sessions suddenly ceased to take place, although all protocols are allowed in...
View Article