some erros on the SRX
Hi All,Recently the following log messages have been taking place on the high end SRX in cluster environment. Is any one experiencing in these errors? node0.fpc0.pic0 cpu_util_usp_ipc_cmd_handler:...
View ArticleSSH Access via VPN Only
Is it possible to have two policies from the same zone to the same zone to only allow SSH access from the VPN range of address rather than from everywhere please? I will try and explain the issue: I...
View ArticleMoving to SRX from SSG
Hi All, We've had great service from our SSG's and now want to replace them - it's overdue. We've made use of 2 x SSG140s in our head-office (active-passive HA) and single SSG20s in remote offices....
View ArticleTryin g to get DHCP working on srx650
I understand the device is EoL and no longer supported but I need help configuring DHCP on an SRX650 with XPIM module installed. Ethernet-switching family is NOT supported so I've been trying to use...
View ArticleSRX 300 LIcense?
Hi all, I am new to the Juniper Licensing. Do I have to buy a license to use a SRX300 such as this legally? Do I just lose functionality if I don't....
View Articlesoftware for Juniper 240srx
We are having an issue with our Windows 1 0 workstations where Pulse connect successfully but sometimes the client won't pass any data. Happens randomly, usually 1 out of 5 trys. The client always...
View ArticleSRX Not logging blocked traffc
Hi,I have a configuration like this to log the details of the blocked traffic to a file.set groups Default-Deny-LOG-Template security policies from-zone <*> to-zone <*> policy defult-deny...
View ArticleClik here to view.
How can I get the sessions table quikly?
Hi guys,the customer would want to have a global and complete view about the network flows managed by a SRX firewall. to do that, I thought to get the sessions table periodically for a long period of...
View ArticleSource Nat match destination
I have an srx240b2. 11.47xxxx, I want to know if I can use source nat match destination 0.0.0.0/0 with the internet. I know I can use source nat match source 0.0.0.0/0. Match source is default. The...
View ArticleSource Nat options
Where can I find the options for this command set?set security nat source rule-set xxx rule xxx match protocol ?????
View ArticleSub-interfaces in different routing-instances w/o tagging.
Hi everyone -I currently have 3 sub-interfaces off a single RETH - for exmpale: reth7.2 = 192.168.72.1/24 reth7.3 = 192.168.73.1/24reth7.4 = 192.168.74.1/24 I have placed each sub-interface into its...
View ArticleNCP Client not connecting
Hi, I am trying to completely lock down our SRX firewalls and so am at the very last point, the rest is working fine as expected. I have an NCP Client that connected fine before this lockdown...
View Articlesrx j-web upgrade version
Hi Junos Expert. does srx jweb version can be upgraded on old/new platform? i tried to google it but i cant find any. many thanks
View ArticleSRX220 - DMZ - Double NAT - PS4 - External Wireless Router - to achieve NAT...
Equiptment:Juniper SRX220hPlaystation 4 proCisco/Linksys WRT610NVerizon FIOS 100/100Dell Poweredge ServerResearch Source...
View ArticleUnable to Connect third party service
The third party said the registration need UDP 5060,1812,1813 , i had permit, The Port but not work ....................Many Thank policy SIP_Vendor { match { source-address VOIP;...
View ArticleIpv6 source Nat match equivelent
Srx240b2, 11.47xxx . Is there an equivelent to set security nat source rule-set xxx rule xxx match protocol , for ipv6.
View ArticleProtect SRX from Stealth scans
Hi, I have searched for a clear cut answer to this question but cannot seem to find one.I want to be able to protect our SRX Firewalls from stealth scans via nmap or a similar program that will...
View ArticleAny one know how to activate this license using new web juniper portal?
Hi all, Previously i can activate license SRX5K-SVCS-OFFLOAD-RTU for SRX5800 that using junos version 15.1X49-D70 using old juniper license portal. But using new portal...
View ArticleLimit bandwidth use on a specific port by ACL?
Our ISP is giving us 1G of data on a 10G port. We can use up to 10G but at an extra rate. I'd like to limit the users who could exceed 1G to a specific range. Is that possible? Using an SRX 1500...
View ArticleSRX300 DHCP Client issue
Dear Experts, I'm strugling with dhcp client setup on SRX300 (JunOS 15.1X49-D130.6).Any help will be appretiated. I've 2 ISP's, connected to ge-0/0/0 and ge-0/0/1 and I'm not able to obtain IP address...
View Article