SRX650 with ex4200 bgp peering
Hi, I'm setting up an network with an SRX650 and a EX4200.I only have 1 ISP and not able to find any information how to setup this properly.The problem is that I don't know how to configure the srx650...
View Article2 VPNs to Hub Site - how to implement
I have 2 ADSL services (for resilience) at a remote site, let's call them 'primary ADSL' and 'backup ADSL'. We have a Hub-Spoke VPN architecture and run OSPF. I wish for the primary ADSL to be used...
View ArticleBG (Bridge Group) equivalent in JunOS
I have a single interface, ge-0/0/0, on an SRX that I wish to convert into the JunOS equivalent of a ScreenOS bgroup so that other ge interfaces can be included. We do not use VLANs. How can this be...
View ArticleZone dependencies?
Hi all, One of the exam objectives for JNCIS-SEC under Zones is called 'Dependencies'. Please could anyone explain what this means? Thanks
View ArticleSRX300 - Application outside network
Hello, I have a HR service running on my IIS inside a server I have in my network.All people from my network can access it but now it needs to be accessed by people from outside my network. Today we...
View ArticleNAT on smtp D-NAT and S-NAT config
Hello Experts, We know that NAT can be used for many things. And we were thinking to resolve our situation by using these Bear in mind we have 2 sites...
View Articlechassis cluster with dynamic VPN
Hi Can I configure Dynamic VPN on group of SRX (chassis cluster)?Is it support on active/active or active/standy?Should I buy double license for install on pair of SRXs? Thanks!
View ArticleSSL Reverse Proxy with Destination NAT
Our client has a requirement to have SSL reverse proxy configured on their perimeter SRX5400. Requirement is as follows; Source - Any destination - Skype for Business Server (10.1.1.50)Service - TCP443...
View ArticleFilter logging
Hi Everyone, Please consider the following example:H1-199.199.199.1--199.199.199.10 F1 SRX--Rest of the network. We want to use filter to log traffic,just the first 100 bytes of each IP PACKET ,...
View ArticleSRX CPU consumption / Routing Instance and Firewall Filters.
HI All,i deployed a IPSEC VPN in a specific routing instance. The interface tunnel (st0.x) are deployed in a routing instance A, and the user segment that need to use this IPSEC tunnel, are associated...
View ArticleSRX DHCP server not working
Hello Experts, Any reason following SRX DHCP server is not working DHCP server=========set version 15.1X49-D120.3set system root-authentication encrypted-password...
View ArticleSRX VPN loopback private address termination with static NAT
Hi Experts, I have a SRX300 device running 15.1X49-D140.2. I would like to create a route based aggressive mode VPN where this device will initiate the IPSec connection. Can I initiate this VPN using...
View ArticleJUNIPER SRX340 License Key
Trying to install a new JUNIPER SRX340 firewall and the setup is requesting a license key. One was not provided and when I called support to generate one, they said it wasn't required. We can't figure...
View ArticleClik here to view.
SRX security logs in Stream mode not working
Hi everyone,To better understand Security logs in streammode, I set up the following scenario:Above we are using SRX 100.Design goal: SRX should send all SECURITY LOGS in stream mode to SYSLOG...
View ArticleCould we move Dynamic VPN license from srx240 to srx340
Dear juniperMy customer is planning to migrate from srx240 to srx340. Can we move Dynamic VPN license to SRX340?
View ArticleOspf between srx and mikrotik
Hello Could use litle help with debugging a problem. Long story short, i made working config using lab equipment at hand (srx 210 + mikrotik), everyting worked as expeted. But when i transferred same...
View ArticleClik here to view.
Can not deploy VSRX in ESXI
Dear JuniperI try to deploy VSRX version vsrx-vmdisk-15.1X49-D140.2.ide but not be successful. Can you suggest me to deploy it? Noted! file checksum is correct
View ArticleLicense needed for PPTP on SRX
Hello Guys, I need your help regard VPN connections on SRX. 1. Is a license needed for PPTP connections? 2. If i want ipsec site to site VPN for 6 connections, i must purchase licenses for 5 user...
View ArticleSRX to Two ISP failover configuration
Good evening We have the following setup: SRX HA Cluster 1500 Site A: HQ:SRX Node 0 ----> ISP 1---->MX-104 primary SRX Node 1 ---->...
View ArticleSRX1500 - PCAP equivalent
Hi, Is there an SRX1500 equivelant command for the SRX1400 command "edit security datapath-debug" please? Seems quite useful to get a direct PCAP output....
View Article