SRX : IDP Match SIP User-Agent?
Is there a way to write a custom signature for the IDP which will match a User-Agent field? You have the built in contexts such as SIP-HEADER-ANY but none of the built in ones that I have tried will...
View ArticleMoving to LACP port-channel without downtime
Hi ,I have a couple of SRX 3600 in cluster configuration , and in a reth one interface per node.Since this interface is saturated I want to move the reth with single interface to a port-channel.This...
View ArticleSRX240 Chassis unable to commit
I have a SRX240 cluster that is unable to commit any changes. We have found a few problems, that include: /cf/var: write failed, filesystem is full>> I issued a request system cleanup, however...
View ArticleMoving from SRX210 to SRX220
I have had a SRX210 up and running in production for a few years now. Works great, been able to get it to everything I could want dual ISP routing, vpns, vlans, etc. I picked up a SRZX220 because the...
View ArticleSystem Archival different then file copy via scp?
Hi All, I'm facing a bit of an odd issue with the system archival. I've seen some posts come by about system archival, but not quite the issue i'm seeing here. The setup:SRX220 (192.168.1.1) <-->...
View Articleblock all email attachments
Using UTM, is it possible to block all email attachment file extensions without listing all the possilbilities and then use a short permitted list? SRX-240 chuck
View ArticleQoS hub-spoke IPSec tunnels
Hi all, We have a bunch of remote sites tunneling everything back to a central hub. These remote sites all have various connection speeds/profiles and I'm looking to (specifically) help boost VoIP. I'm...
View ArticleConfiguration assistance on SRX340
Hi Forum, I am new to Junos and the SRX...I am having a difficult time configuringn my first SRX using J-web and hopefully someone can take a look at the attached configuration and see what I am doing...
View ArticleAllow all host hiding NAT and inbount Static / Destination NAT?
Hi, firstly, very sorry, but I'm new to SRX and will probably use non-Juniper terminology. I have a pair of SRH 100H working fine.Two zones: trust and untrust.A simple two-legged SRX with a leg in...
View ArticleTrouble with policy-based vpn
Hello, I'm trying to setup a site to site policy-based vpn between a SRX240 and openswan running on a debian box So far phase 1 and 2 seems to be established. I can ping from the linux box to the...
View ArticleClik here to view.
SRX 300 - How to disable transparent mode
Previously we used SRX100 and SRX110 routers. Now we have switched to the SRX300 and there's a lot of problems getting our old configs to run on it. It seems to boil down to this new transparent mode....
View ArticleSite to site vpn UP 100second and down 20second all the time problem.
I have to try site_to_site vpn. Main office has static IP ja remote office has dymamic IP. The connection is UP 100sek and then its go down about 20sek, and UP again all the time.I am beginner in...
View ArticleSRX300 ipsec VPN to Amazon VPC without BGP = complete fail
I've spent more than a week trying to figure this out and at a total loss. I've followed all the steps provided by Amazon, used the configuration they supplied, and have no idea how to...
View ArticlevSRX scsi & IDE ova image difference
There are two vSRX OVA files available for download, a) scsi and other one b) Ide What is the difference between these two (except hard disk interface) in terms of performance, working behavior? As...
View ArticleSending default route to virtual routing instance
Hi everyone, I wanted to know how I can send my default route from master routing instance to a virtual routing instance. I have one wan link on port ge-0/0/0 but it is part of a xyz virtual...
View ArticleSRX 100 DHCP gateway on routing instance
Hello, i making dhcp server on custom routing instance virtual router and the host cant got gateway. Host have IP adress, but gateway dont have. Where is the problem?Sorry for bad english. set...
View ArticleJ-web, Monitor Interface Traffic
Is there a way to effectively monitor traffic on the SRX interfaces using J-web? The J-web seem not to be very useful doing things graphically
View ArticleSRX Allow IPv6 Traceroute
Hi,For some reason ICMP is not the default method during IPv6 traceroute, instead it's UDP. I have tried to find information about how that works and how I can allow this specific traffic to flow in my...
View Articleport forwarding on srx 210
I have never been able to set up port forwarding on this SRX 210 today i took a stab at it following these two articles...
View ArticleGUI Vs Command Line SRX
Hi All, Can I run GUI and Command line at the same time? How do you rate SRX GUI. Currently I am working in command line. Though it gives more flexibiltiy but obviously its consume more times. Thanking...
View Article