VPN tunnel between SRX100 and SRX220
Please advise . I have a working VPN configuration between SRX100 and SRX220 with private IP addresses. I have both IKE and IPSEC up and running and can ping the other side of the tunnel. This is a...
View ArticleNeed help! VPN tunnel is up but st0.0 interface is up/down
Phase 1 & 2 is good, can see active tunnels.VPN was working before, then all of a sudden stopped working. Bounced interface on both end made the tunnel came back up. But severs behind the firewall...
View Articlesnmp: CPU (Data) resource utilization
Hi, In the Web-interface of the Juniper Firewall SRX220H2, in the tab Dashboard, in the part "Resource Utilization", I see the "CPU (Data)".This "CPU (data)" is mostly +/ 8% but some time this "CPU...
View Article2 vlans, 2 dhcp server, cannot get them both to work at same time
I've been struggling with this for a bit now and really need to know where I have dropped the ball.show interfacesge-0/0/5 { unit 0 { family ethernet-switching; }}irb { unit 10 { description Internal;...
View ArticleClik here to view.
Completely spoofed traffic
if SRX 3600 face with an attack that sends spoof ip addresses that never hit second time and if you need the real syn packets how should you overcome this issue ? Test script :...
View Articlepublic subnet routing woes - SRX320
Hi all Hoping someone can take pitty on me and help me out of a bind. Been struggling to get this working for some time now and the boss is getting a bit snarky now so really need to get it resolved...
View ArticleSRX4100/4200
Has anyone gotten their hands on an SRX4100 or 4200 and can share experiences, good or bad? --Paul
View ArticleVPN Passthrough SRX
Hi there, I need to allow some of our users who work for another company access to their VPN server from our office LAN. Reading up it seems I need to disable port translation, i have done the...
View ArticleSite-to-Site VPN with Inline Transparent Web Filter
I have two brand new SRX340's. Currently I have a Site-to-Site VPN working between an SRX220 and a Sophos UTM 320. All the internal networks can talk amongst themselves via 'traffic-selector's in the...
View ArticleClik here to view.
SRX can't ping / access hosts trough vpn
Hi!I can ping SRX device from any host within LAN (directly attached to SRX or through vpn), but SRX device itself cant ping devices trhough vpn.Captured some traffic on destination host with tcpdump -...
View ArticleLoopback Mtu Problem
Hello colleagues, I have a problem ,in my case i'm using loopback in my bgp scheme and i configured nat and everything seems like working fine but when i connect to various web-sites i'have a MTU...
View ArticleUpgrading from 12.1X44-D40 to 12.1X46-D60 fails
Hey community, because there ist no warranty or no active support for my SRX100H I need your help. I wanted to upgrade my SRX to 12.1X46. Everythings looks good but after reboot I get the messages:...
View ArticleSRX VPN tunnel with NAT to the Internet
I have been trying to get this going for a number of days and just cannot get it to work. I want VPN traffic destined through the tunnel to go through and all Internet based traffic to be NATed and...
View ArticleL2TP windows VPN through SRX
Hi Guys, I currently have a VPN set up using Windows and PPTP however i need to change this as its not very secure and we have mac users who want to connect and the latest version of the Mac OS does...
View ArticleSRX300 Slow When Connecting Through Switch
Subject says it all—Internet downloads are fast at 120+Mbps when I connect a system directly to the SRX, but are slow at 20Mbps when I connect the same system (and other systems) and the SRX to the...
View ArticleClik here to view.
SRX Chassis Cluster connects to Nexus 6k via VPC - Issues
Hi All, I have configured 2 SRX as a chassis cluster (Active/Standby) and then connect them to 2 Nexus 6k - there are 4 10G links and form 2 VPCs. Please find the topology as below: I just used the...
View ArticleFilter security log sending out to the log managment system
Dear all,Now I set up the log managment system to receive log from many firewall SRX 3600. But now I want to filter out log securtiy sending from SRXs.I configure security policy for each customer on...
View ArticleUTM Services to High Ends SRXs.
Hi All,i´m studying to JNCIS-SEC and i´m studying the UTM subject and so raised a question: For Branch devices there a lot of UTM services (Antispam, Antivirus, webfiltering, etc). But, and about the...
View ArticleVPN Rekeying process.
Hi all,we are monitoring the traffic consumption through the PRTG monitor server and we have noted that the traffic suddenly go to 0 traffic for a few seconds. I would like to know if this are ocurring...
View ArticleLots of tunnels ok but ONE route-based VPN tunnel to Cisco ASA passes data...
I have a situation with ONE partner/supplier using a Cisco ASA where the route-based tunnel between my SRX-240 and the ASA will not stay up for more than a few minutes at a time. I have examined the...
View Article