service rpm for SRX345, issue ?
Hi, Guys, Three infrastructures modes ( standalone SRX345, SRX345 HA active-standby, SRX345 HA active-active ) are tested ( with different Junos versions ). Two infrastructures get normal response of...
View ArticleJunos OS
I have 2 SRX240 with HA working fine before Electricity goes down and came back, Node 0 working fine while node 1 Junos OS corrupted and booting from Backup Image which is has different version of...
View ArticleIssue with setting up network admin Auth via. ldap/NPS
Hi So i am trying to setup our network applienses to use radius to authenticate our admins when they need to make changes to switches and firewalls. I am testing the setup on a vSRX, but cant get it to...
View ArticleChassis cluster crashes after show securify flow session
We have a chassis cluster with two SRX 340. Almost everything seem to be working fine, but sometimes when using command "show securify flow session" the cluster is crashing... root@SRX1> show...
View ArticleRouting Same Network Over VPN Tunnels
Hi All, I have a customer with a VPN setup to my one site with the termination on my SRX240H2. This is a route based VPN tunnel, and proxy IDs have to be configured on this tunnel. Here is my issue,...
View ArticleAnyone with good understanding of Unified Security Policies (SRX)
Been looking for awhile at wanting to use the unified security policies as they keep releasing compelling features based on it. Not to mention, newer versions of Junos will be defaulted to this and it...
View Articleevent-trigger SRX345 on monitoring the interface bandwidth > 90%
Hi, Guys, Just would like to know how to config the following requirement: Conditions:1. SRX345 is monitoring the WAN interfaces of bandwidth utilization.2. If the utilization goes upto the 90%, some...
View ArticleIPSEC VPN issue no chassic cluster - external-interface'(lo0.1) and...
I configured 2 ipsec vpn tunnels to AWS. Bofh tunnels are UP, but there's a problem with communicating with hosts in AWS: After enabling traceoptions I see errors: CID-1:RT:'external-interface'(lo0.1)...
View ArticleIpSec VPN mode
Hi all,What is the difference between Main and Aggressice mode in IPsec vpn?Which option of the Mode is best for the 250 spokes and 2 hubs in a network? ThanksA.
View Articlesrx300 os recovery help T.T
Hello? I need your help!The Device is srx300 The problem is that the os of the device is faulty.So I proceeded with the recovery with usb.However, I keep getting an error....
View ArticleIssue with LDAP Integration
Hi All, I'm trying to get an SRX-345 connected to a DC using LDAP but it is currently failing. I have confirmed the assigned user and password set up on the DC for the LDAP connection and configured...
View Articlelog in -- Host key verification failed
Hi, We have obseved below log messages on SRX210 as well SRX300 while i am trying to authenticate. I could not log in the firewall.Please suggest, how to fix it. user@fw> ssh...
View ArticleUDP / TCP port verification commands
Hi All, I checked some documents but could not find the exact commands to check which UDP or TCP ports are allowed I did see that this command "show system connections" list certain ports but does not...
View ArticleDNS Requests from same source port are intermittently dropped
Hello all, We see an issue on our SRX340 where DNS packets from the same source port are intermittently dropped. This problem is somewhat known in the Linux worked and well described by this...
View ArticleLeaking BGP-learned routes from a virtual-router instance to inet.0
Hello, Anyone wants to help a bit? I think I'm missing something totally obvious here but cannot figure it out. I have an SRX1400 cluster running JunOS 12.3X48-D85. There is a virtual-router type...
View ArticleHow to Stop Our Public Interface from attempted logins ?
We are using a SRX345 as a public facing Internet router. As would be expected, we have new unknown friends from all over trying to login into our new device. We have used the login offset commands...
View ArticleUnable to ping localhost in a site to site VPN
I have set up a site to site vpn with a juniper srx340 to a cisco meraki. The VPN is up. When verifying with "show security ike sa" it shows the tunnel up. Also I use "show security ipsec sa" and the...
View Articlerandom kernel panic srx300 with 19.1R1.6
HiAnybody seen this behaviour before:We have 10x SRX300 in 7 locations (3 in cluster configuration), The 2 clusters with version 19.1R1.6 are random crashing with kernel panic error below, support...
View ArticleJbuf pool 1 utilization
Hi, We are running a cluster of SRX-345's with firmware 15.1X49-D170.4. Every now and then I see this message in the logs: Local4.Critical 192.168.0.254 Dec 18 09:36:01 SRX345-CL-N0 Warning: jbuf pool...
View ArticleClik here to view.
question about sending syslogs to splunk (missing the 'action' field)
Hello, I have succesfully set up my srx to send its syslog and security log traffic to a remote instance of Splunk. In Splunk I am able to write a search that gives me (almost) everything that i would...
View Article
