VPN tunnels monitoring
Dears, We have an SRX5800 that is running junos 12.1X46-D35.1. we have implemented VPN tunnels and we want to monitor it (number of active tunnels, number of down tunnels, ) using MIBs.I want to know...
View ArticleClik here to view.
Filter based forwarding for IPv6
Hi all, Has someone ever tried to do FBF for inet6 on SRX?I'm having trouble with the following configuration:security { forwarding-options { family { inet6 { mode flow-based; } } } } interfaces {...
View ArticleJuniper SRX 100 no storage error
Hello, then i power on juniper srx100 i have this massege : U-Boot 1.1.6 (Build time: Nov 19 2009 - 07:52:31)SRX_100_LOWMEM board revision major:0, minor:0, serial #: AT0610AF0596OCTEON CN5020-SCP...
View Articleipsec vpn config on MX80 MIC card
Hello forum guys and security experts, I need some help with ipsec configuration. I followed guide from http://www.juniper.net/techpubs/en_US/junos13.2/topics/example/ipsec-configuring-on-ms-mic.html....
View ArticleAllow ping to public address from SPECIFIED public address(s)
I have an issue where one of my remote offices is dropping their RDP session to one of our servers behind the SRX. Internally, NOBODY is having an issue.How can I allow my SRX to only respond to ping...
View Articlesrx1500 HA Control Port
Hello,due to SRX650 end of sale, we had to lately order 2 SRX1500;those SRX1500 have a new dedicated HA Control port which is SFP based so, apparently 1G speed (Copper of Fiber)so, SRX-SFP-1GE-SX or...
View Articleexport network between routing instances
Hi all In having issues when exporting a network between to routing instances configure as VR In using policy statement to do it, I already exporting routes received via OSPF and Direct Routes but when...
View ArticleDefault Gateway not on the same subnet
Hello,I sure hope someone can lend a hand...I have an SRX650 that I just did the basid setup on, and while running through the wizard, I found that I could not assign the gateway IP because it is on a...
View ArticleSRX 340 OSPF Advertise entire /23 when only portions of the subnet currently...
I would like to advertise simple routes that don't appear in my routing table. Only parts of these subnets are static routes in the router but I would like to advertise the entire subnet anyway....
View ArticleSRX config for Playstation
Ok so my PlayStation is getting a nat type 3 and its affecting some online gaming. I configured my srx to all allow the ports the PlayStation has released. Here is my config, can anyone see whats...
View ArticleSRX Stateless UDP mode
Is there any possible way to let srx not create session for UDP traffic ?
View Articledefault Mode of SRX
Hi, I found confusing explanation about mode of srx. The first link page explains default mode is route mode and second link page explains mix mode is default . which is the correct ? Please go...
View ArticleComit error message
Hello everyone! Today I was going to enable some debugging stuff and then I found some config which seems uncommited. I did rollback 0 and issued the commands in order to enable these debug stuff, but...
View ArticleClik here to view.
SYN Cookie Protection Always On
As far as i read on : http://www.jnpr.net/techpubs/en_US/junos12.3x48/topics/example/denial-of-service-firewall-syn-ack-ack-proxy-flood-attack-protecting-cli.html It say : In this example, you enable...
View Articlestatic routing not working in srx245
Hi, I set default route to wan interface peering IP and some static route to lan interface peering IP. I can see routing for connected and deault route but not for static route in routing table. Is...
View ArticleNOT ABLE TO PING WAN IP SRX345
Hi, I have set two srx345 with junos 15.1X49.D50 in HA and i have set host-inbound system service all to wan zone.Even i am not able to ping wan interface IP but in same time i am accessing ssh...
View ArticleRoute-Based VPN from SRX to Cisco ASA with Static NAT
We're setting up a VPN link to a 3rd party provider (a financial clearing broker) that uses a Cisco ASA on the other side in order to exchange trade clearing messages via FIX protocol (a TCP-based...
View ArticleSRX Syn problem
Hello , We are getting spoofed syn attack from the internet. But the ip address that which gets the attack blocking new connections but the connections that has sessions before is still going on...
View ArticleSRX300 won't do Site-to-Site Dynamic IPSec VPN (but worked on SRX210)
I had a working IPSec tunnel where both ends are NATted and one end is a Dynamic IP. This was built with an SRX210 at the static IP end and an SRX100 with a dynamic IP at the other end. Now I have...
View ArticleSRX320 - VDSL session drops when doing a commit
Hi All I have configured an SRX320 with a 1x VDSL2 mPIM (RoHS) card to connect to FTTC VDSL connections but when performing a commit the VDSL session drops for 2-3mins before the session is...
View Article