Help configuring VLANs
Hi, I'm very new to Juniper and networking in general, and am trying to learn how to set up VLAN across our juniper equipment. The goal is to segment our office network into 4 VLANs: internal, guest,...
View ArticleUnable to access J-web on SRX550
I am wanting to manage the Firewall from J-Web but am unable to, i get a 401 error in my browser. set system services web-management http interface vlan.999set system services web-management https...
View ArticleUpstream Router ARP Problem
Hi, 2 SRX100's in a cluster. (IP addresses obfuscated in the following config.) The problem I have is that the SRX doesn't respond to ARP requests for 109.3.4.88 from the upstream router (109.3.4.65),...
View ArticleSRX1400 vlan and trunking
HI, We have a srx1400 and an ex2200 connected together with a single cable. We planned to create 3 vlans and make a single interface on the srx1400 (ge-0/0/1) a member of those 3 vlans and then make...
View ArticleSRX ALG questions
Got a little bit confused about ALGs. Could somebody clarify? 1) What is the difference between <alg> and <application-protocol> in configuration? ch@test# set applications application test...
View ArticleSRX1500 : VLANs without tags ( van
Hi I want to connect 4 servers to 4 ports on the SRX1500 and each port is assigned to VLAN with vlan-id "none" and a irb interface with a subnet to assign IPs to the servers. will the setup work in...
View Articleviewing unfiltered bgp routes?
On an SRX running 12.3, what is the command to view raw unfiltered BPG routes as advertised by our peers? "show route protocol bgp" only gives you the table entries after route filtering has been...
View ArticleClik here to view.
config IDP on SRX cluster failed
Dear all, I try install and config IDP on SRX cluster, First step, I download signature DB using: request security idp security-package download on the primary nodeBut when download complete, has the...
View ArticleJuniper srx nat issue
I have an issue with static nat. I was assigned /23 subnet for all static nat. My srx is connected to nexus 7k and /23 is advertised on nexus. I have used x.x.x.1 from /23 and created the nat and it is...
View ArticleI can't do ping between two interfaces fxp in SRX in mode Cluster
Hi Guys, I can't do ping between two interfaces fxp in SRX in mode Cluster, the interfaces are UP... I don' know what happen,, maybe do you know any suggestion? Thanks {primary:node0}version...
View Articlesecure-access-port not available on SRX300
Hi. On the SRX100 with image version 12.1x44-d45.2, I could use the following command, to make sure, that only one computer could connect to an interface, by allowing the mac address:...
View ArticleConfig of basic 802.1p CoS marking
Hi all, I have a pair of SRX500 and I need to set the 802.1p CoS bits to 000 on ALL out-going packets on a certain vlan ( vlanid 51).(so that QoS is handeled on transport network conencted to my...
View Articlecontrol link/fabric link failure
here is the cluster : node0---node1 rg1 is primary in node1 since there is one reth down in node0(unhealthy)rg0 is primary in node0 since the higher priority 1:now if contril link between node0 and...
View ArticleFrom trust to trust zone for two internal network
Sorry to bother you. At the beginning we had SSG320 to connect the entire network for internet browsing and only one mail server. Afterware, we like some remote site user to connect part of internal...
View Articledifference between firewall filter and firewall family inet filter?
I always use the set firewall filter ... command, but I've seen that many people use the set firewall family inet filter ... command, and I cannot see difference between those commands. I mean, both of...
View ArticleSub-interfaces on a SRX 240h
I am a novice on the juniper firewall (SRX 240h). I have a working production juniper running 10 Vlans, I would like to add a few more Vlans. I have a couple of questions I hope someone can help me...
View ArticleMACsec on SRX and in general
Hi, Aparently MACsec will now be supported on the new series SRX firewalls. Has anyone had experience on implimenting macsec on CCC or any supported platform. I am currious to know if it would work...
View ArticleSet Static Route with an Outgoing Interface
Hello, I have just purchased an SRX220 to replace my home router. I am trying to setup a static route but Virgin Media who are my ISP won't give me the Gateway IP address. On a Cisco device I know...
View ArticleClik here to view.
architecture/config question
Hello, Trying to see if someone can assist with a traffic/architecture issue: I have several SRX's deployed which tunnel back to a central/hub ssg however under normal operations these remote firewalls...
View Articlewtmp not being generated
I noticed on SRX1500 and SRX5400 that /var/log/wtmp isn't being created thus show log user gives-------------------------------------------------------------------------- last: /var/log/wtmp: No such...
View Article