Inconsistent behavior of dynamic VPN [URGENT]
I noticed whenever i am CONNECTED to my juniper via dynamic vpn, sometimes i am able to access protected resources aka private network and sometimes i can not. I restart everything including router and...
View ArticleWIRED: different logs from diff SRX with the same config and Junos version...
WIRED: different logs from diff SRX with the same config and Junos version...Hi There,I got wired behavior on two SRX100’es with syslog configured in the same way, running JUNOS 12.1X47-D30.4 built...
View ArticleSRX Support for DHCP with special routing instances?
Can anyone tell me if any version of JunOS (12.1X47 up) provides support for configuring DHCP WITH a special routing instance? Or do we need to remove special routing instances and configure everything...
View ArticleHA Cluster Loopback Interface during failover
I have two SRX3600 connected as A-P HA cluster, and there is a loopback interface used for VPN termination and assigned to redundancy-group-1.Its working in the primary firewall, but when I failover to...
View ArticleStrange IPsec behaviour between SRXs
Hello. I have really strange and confusing IPsec behaviour in very simple configuration. Here is the layout:Two identical SRX100H2 with the JunOS 12.1X46-D40.2 and BIOS 2.8 SRX-01 has the ISP IP =...
View Articlemix AC and DC power supplies in SRX cluster
Dears, Can we have node 0 in AC Power and node 1 in DC power inside same chassis cluster ? Br.
View ArticlePhase 1 packet arrived from an unrecognized peer gateway
Trying to get a point-to-point VPN setup between a SSG and an SRX and can't get past the phase 1 error. Any help would be appreciated. Here are the configs:SSG: Untrust Addr: x.x.x.138, Trust Addr:...
View ArticleADSL Configuration help
Hello, I'm in the process of configuring a SRX110 to replace a SSG firewall thats currently in use, looking through the config here are the relavent bits with regards to the ADSL connection. set...
View ArticleDual ISP, Redundant VPN, and FBF -- working, but tunnels dropping every 10-25...
Hello All, I am having trouble with the mentioned setup, hoping someone may have a suggestion. The idea is to have our remote site with 2 different ISPs to handle internet traffic depending on protocol...
View ArticleLooking to hire!
I am the CTO for Independent Technology Group (ITG) a Los Angeles, California based Juniper Networks Elite reseller partner. We are expanding and looking to hire a mid to senior level engineer with...
View Article[request feature] dual control / fab on branch srx
hi guys, are there any documents that will point out having branch srx devices with dual - control / fab links? will there be any enhancements like this in the 14 .x version? thank you,dwayne
View ArticleDont get DHCP on second VLAN??
Hi.Dont know what is wrong.. But i can get my 2. VLAN to give out any DHCP here is the config. am i doing something wrong.## Last changed: 2016-01-26 21:32:06 GMTversion 12.1X44-D35.5;system {...
View ArticleWhy is the SRX using NAT-T for the IPSEC?
Recently I did changes on one of our SRX devices which introduced the need of NAT-T enabled on other devices.I dont get why this is needed with the new configuration.Let me explain =)Source NAT has...
View Articlein-service upgrade Cannot execute command /sbin/sysctl hw.re.dualroot.enabled...
I am trying to downgrade my system, but I am getting the following error. I know I can fix it by rebooting the system - but is there a way to fix this without rebooting? root@brick-01> request...
View Articlehow to igmp querier on srx5800?
Hello guys,a customer of mine is migrating cisco catalyst to nexus who doesn't support igmp querier feature, so we decided to use the srx instead.Can i make srx interfaces IGMP querier? how to? and......
View ArticleSRX USB auto install
Hello everyone, I have about 120 SRX devices to deploy across the country, and I'm trying to figure out a way to configure these things without shipping them all directly to me, and then back to their...
View Articlejflow not working on reth interface
Any idea on this? I cannot get this darn thing to work on reth interface - works fine on our non HA srx's JUNOS 12.1X46-D35 /* Lan LB */ reth2 { redundant-ether-options { redundancy-group 1; } unit 0...
View ArticleSRX 550 bandwidth utilization finding for subnet 172.16.6.0/24
Hi all, I am having srx 550 and i need to see the utilization for a subnet 172.16.6.0/24 in the SRX. Can someone hellp me with the commands and how can i achive it if any external tools or something to...
View ArticleDoes SRX Series Firewall Support TCP Fast Open?
I would like to buy a firewall with SRX series , which can support TCP Fast Open (RFC7413) with SYN-checking. I have tried cisco ASA firewall, but it cannot accept receiving packet before finished 3...
View ArticleURL category checking
hi guys, how can we check a URL category on Junos Enhanced Web Filtering? like the screenos, surf control has way of checking what category is a certain website. thanks,dwayne
View Article