SRX5800 Reth0 LAG with Extreme Networks MLAG
Hi, We have a setup with a SRX5800 Chassis Cluster and we are doing a Reth LACP setup with Extreme Networks' MLAG. The connections are as below: 1. xe-10/1/0 -> Port 1 of Extreme Networks switch...
View ArticleClik here to view.
configuring the VDSL2 PIM with point to point IP without using username or...
Hello I am trying to make the below setup, by using the VDSL2 pim instead of SHDSL one, without using username or password for authentication as there will be point to point IP from the PE to the...
View ArticleSub-interface with tagged VLAN in vSRX
Hi. It is possible to create tagged and untagged sub-interfaces simultaneously in vSRX?Something like these:ge-0/0/0 { unit 0 { family inet { address 192.168.2.100/24; } } unit 1 { vlan-id 10; family...
View ArticleRoute based VPN in and out same interface?
I'm configuring a VPN on a SRX550 that sits behind a SRX650. I *think* I have figured out the config for the VPN NATing out the other firewall. The piece I'm not sure will work is if I Have traffic...
View ArticleClik here to view.
SRX 340 ports
Hi, Does anyone of you know which port become SRX340's Control Link (fxp1/em0??) in Cluster Mode. In need this piece of information to finish the LLD. Unfortunately neither DataSheet nor TechPub Doc...
View Articleintermittent vpn with multiple proxy IDs
Hi, we have a vpn on our srx firewall, and its peer device is a cisco ASA. we are using policy based vpn and there are three subnets/proxy-IDs. we configured 3 sec policy for each subnets, so that each...
View ArticleSRX240 SSH Rate-limit dependencies
I just inherited a fielded SRX240 and need to run Nessus scans against the device remotely. After talking with colleagues, to get valid scans I need to increase the SSH rate-limit (system services ssh)...
View Articleclass of service does not work on vpls interface?
Hi all,I want to rewrite all egress traffic with CoS:4 at ge-0/0/0.34. Here's my configuration: interfaces { ge-0/0/0 { per-unit-scheduler; vlan-tagging; encapsulation flexible-ethernet-services; mac...
View ArticleSRX DDNS with Google Domains
I am running 12.3X48-D25.3 on an SRX210 looking to activate DDNS using Google Domains support for DDNS. Support article from Google can be found here. My configs: [edit system services dynamic-dns]...
View ArticleDynamic DNS on SRX with dyndns.org
Hello All, Earlier I tried to setup ddns on SRX with noip.com; but it never worked out. Now I've got a DNS hostname from dyndns.org (dyn.com) and I've configured SRX with the details: [edit system...
View Articlestupid question about ipv6
Why when I do show route IPv6:Addr::61gives me nothing. but if I do this: show route IPv6:Addr::61/64 I get some static routes?
View ArticleHardware change VPN won't authenticate (certificate auth)
I have a remote site that is connected to another site via a site to site tunnel using pki / cert based auth. My new firewall has the same config, etc., but I had to generate a new cert since the old...
View ArticleSyntax error
I have written a config and checked it inside out. The SRX220 will not load the config with a "Syntax Error" but me and Notepad ++ cannot find it anywhere. Any clues?
View ArticleVpn created behind NAT device
There is a couple things I'm not getting. I found a doc that says to add: set security ike gateway ike-gateway1 local-identity hostname juniper.net; But I don't know what side to put it on. Or if it...
View ArticlevSRX VPN IPSec Site-to-Site PPPoE problem
Hello ladies & gets, I am new in Juniper and generally JunOS but I found it easier to learn, so in order to make my first steps with the real deal -SRX- I got firstly vSRX in order to test some...
View ArticleSRX220 trouble with IPsec VPN
Hi,everyone.I have an SRX220 and we're trying to set up an IPsec VPN with SRX650. On SRX220 IPsec phase 1 failed: on "show security ike sa" - blank.All VPN related configuration such as encryption...
View ArticleSRX OSPF Single area
Hi,I just want to be verified whether my SRX OSPF configuration is correct or not.So far I can ping to each SRX interfacehttps://nbctcp.wordpress.com/2016/04/20/ospf-labs/ tq
View Articlesrx - youtube performance - slow buffering
hi,I am using srx220h2 at home. srx is connected to router (from ISP) via 1gig link. On srx were configured: VRFs, NAT toward Internet, zones and sec for traffic. One host is conected via other 1gig...
View ArticleClik here to view.
User in Internet activity statistics.
Our small and medium client often ask about small system to log "user in Internet" activity. We tested couple solution but none of them meet the expectations.What we need:- of course syslog based;- one...
View ArticleSRX Cluster to Cisco switch stack config for resilience
Hello, Wondering if you could help. We have a situtation where we need to connect our SRX cluster to two cisco switches (which may or may not be stacked - still awaiting more information from the...
View Article