Vulnerability Patches for SRXs on 12.3X48 after EOE (End of Engineering)
Does EOE mean that Juniper will not release patches for Security vulnerabilites for the time period between EOE and EOS as is listed below for example the SRX3400 on 12.3X48? I need to know if I need...
View ArticleIPsec
Hi all,The current conf has a statement of "set security flow tcp-mss all-tcp mss 1450". But I want to assign a more specific tcpmss value for the IPsec traffic on the srx device, so I will use "set...
View ArticleSRX VPN network issue
Hello all, please help.I recently had a SRX 210 completely crash and i did not have a config back-up.I know my fault. I had site to site VPNs setup and know i cant remember how i set it up since i...
View ArticleIncoming Destination NAT through VPN Tunnel
Web Server 10.0.0.2 ------(10.0.0.1) Site A SRX (1.1.1.1)---------------IPSEC VPN-----------------(2.2.2.2) Site B SRX (10.2.0.1) I'm trying to setup a backup destination NAT for some servers. Since...
View ArticleDHCP over sub interfaces /vlans
Hello, I have multiple sub interfaces in different vlans on SRX320. Trunk link is created between SRX Physical interface and EX2200 switch. I wnat to configure DHCP server on one of the sub interrface...
View ArticleRoute based VPN on SRX and EX switch
Hi everyone,I have some questions about ipsec implementation on SRX 550 and EX4300 switches. SRX:1)Does SRX perform IPSEC in hardware ? Generally, On Cisco, it is implemented on route engine (...
View ArticleRADIUS authenticaiton on SRX1500
Hello there, I've recently ran into a weird issue where I've got an SRX1500 that i'm wanting to eonnect to RADIUS-authentication. Ths SRX is running in packet mode. Relevant configs below...
View ArticleShaping on multiple st0 interfaces
Hi, we have a hub and spoke topology with multiple remote sites. Ipsec tunnels have been implemented through layer 2 (different vlans) connections to each site. On the hub site the outside interface is...
View ArticleSSL Libraries out of Date SRX240H2
Hello, Some of my browsers that have restrictions for stronger cipher suites and protocols are unable to connect to the console for the SRX240H2 service gateway. That leads me to concerns about the...
View Articlefirewall events not showing on J-web
Hi Guys, traffic events are not showing on our srx345 jweb. 'Monitor > Events > Firewall' it always shows "Traffic logging is not Enable" but we've did it many times already. even in the security...
View ArticleTwo routing engines on SRX5600
Hi all!Can I use two routing engines on a single SRX5600 ? I haven't found any docs for this scenario. Thanks. Regards, Endi
View ArticleSite-to-Site VPN with one site behind NAT device
Hi I have SRX in the branch, the SRX is behind a NAT device, so the public IP is in the NAT device and the SRX external interface has private IP address.We need to setup site to site VPN with a Cisco...
View ArticleRT_ALG_ERR_NAT: SIP ALG NAT failed
Hi, I am trying to enable persistent-NAT and SIP ALG on an SRX220 and see a bunch of these : Jun 18 09:45:01 SRX220 junos-alg: RT_ALG_ERR_NAT: SIP ALG NAT failed.Jun 18 09:45:02 SRX220 junos-alg:...
View Articletakes long time to commit when adding security policies
Hi Guys, we are having problem when we are saving/committing after we add security policy on our srx340, it take ages especially in jweb. actually we've already configured 231 security policies and on...
View ArticleDoes JunOS affected by "SACK Panic: Linux and FreeBSD Kernels Vulnerable to...
Hi, Is anyone aware about it?SACK Panic: Linux and FreeBSD Kernels Vulnerable to Remote Denial of Service Vulnerabilities (CVE-2019-11477,...
View ArticleSRX-3400 configuration synchronization from slave to master
Hi,I have SRX-3400 in cluster mode.I'm planning to upgrade it.I will separate the units, and upgrade the slave unit.switch the traffic from master to slave, wait a few days and if all is well I will...
View ArticleSRX - Azure Express route
Hello all, I would like to create an Azure expressroute configuration on my premises srx300 series chassis cluster. Is there anyone out there can share an example config from scratch? (Public peering,...
View ArticleCan SRX 4200 config RPM base on jitter and latency to select wan link?
Hi Juniper Can I config RPM base on jitter and latency to select WAN link that meets criteria?
View ArticleFlow Session Lookup Fails for return traffic when sourced from the SRX
Having some issues with an SRX dropping the return traffic because it thinks it is a new flow and doesn't belong to any existing sessions and says "packet dropped, first pak not syn". security flow...
View ArticleCOS to QOS, "exact" conditions ?
I have configured COS and it isn't just for PC hosts. I have put some wireless AP's on ports ge-0/0/13.0 - ge-0/0/15.0 . They are routed and have QOS running. In those routers I have set bandwidth...
View Article