Clik here to view.
Design a redundant network
Hi! I need some help figuring out the best configuration scenario for my network. Please have a look at the attached image as I’ll refer to it. I have a two ISP setup with BGP to both peers. My SRX...
View ArticleLog when ISP is down
Is there any way to obtain a log when I lose Internet conectivity from one of my two ISPs? I was thinking in something similar to rpm services: when SRX send ICMP packets to an Internet host and this...
View ArticleSRX650 support CGNAT?
I read that some of the larger SRX units support CGNAT, do the smaller ones support it as well? Also, do all SRX units support MPLS?
View Articletraceoptions only showing dropped packets inspite of applying basic-datapath...
Customer configured traceoptions in SRX 3400. But when he see show log <file name for traceoption> he only sees dropped packet, however he has configured with flag basic-datapath. I can see...
View ArticlePolicy based site2site VPN no traffic
Good morning (o; First of all...I'm pretty new to SRX devices.... I've setup a site-to-site policy-based VPN with the help of the online configuration tool, and from what I can tell the VPN is up and...
View ArticleClik here to view.
unable to ping to SRX self ip across different routing instance
Hi Friends, i'm facing a strange issue in lab, bascially my setup is like below: The requirement is on EX4550, ping between the vlan.30(default routing-instance) and vlan.80 (belongs to...
View ArticleSRX340 Dynamic VPN
Hi all, i have upgraded my SRX340 to the latest 15.1x49-D70.3 Junos, and i have referened the below link to setup dynamic VPN, however, i couldn't access the https://<wan ip>/dynamic-vpn to...
View ArticleUnwanted traffic hitting external interface proxy arp addresses
Hi, I have a fixed external ip on the external interface of our SRX device, I recently set up a default deny rule so i can monitor traffic on a syslog server. I am seeing lots of telnet and ssh traffic...
View ArticleClik here to view.
issue with static nat ip in ipsec vpn not reachable
Hello,I have ipsec tunnel configured on Juniper SRX240 on interface st0.2 with static nat to internal server of same ip range. VPN is up and i could ping interface ip from remote however natted ip is...
View ArticleGRE tunnel ping drop
Hi everyone, I have deployed GRE tunnels between Juniper routers MX104, with simple configuration, I am facing ping drop frequently, every 10 to 15 mintues time of span, from LAN to LAN and from Router...
View ArticleRoot Password reset Juniper SRX100 (Defaulting the boxes)
Good day, I purchased two SRX100 devices on EBAY for pursuit of JNCIS-SEC cert. The devices however was not defaulted. I tried changing the root password by entering watchdog disable and the Loader...
View ArticleSRX340 High CPU temperature
Dear fellow Juniper-users, I recently replaced a SRX240HE2 with a SRX340, using the same configuration in the same environment.All works fine, I have no alarms, but I do see a rather high CPU...
View ArticleSRX 1500 Chassis Cluster meshing to F10
I have two new SRX 1500s that I've configured in a chassis cluster (using the 10-gig SFP xe-0/0/19 as fabric), which appears to be functioning, and which are going to replace two Cisco ASA 55xx series...
View ArticleLink connection between two Virtual Router on SRX220
Hi all,My scenario is seperate SRX220 to two Virtual Router : Host 1 --> ge-0/0/1.0 ---SRX220--- ge-0/0/2.0 <-- Host 2From Host 1 traffic can reach to Host 2 and reverse. But with series...
View ArticleSRX removal from Cluster
Hello, I have a had a quick look and it appears it can be done with the command 'set chassis cluster disable reboot I take it this needs to be done individually on both nodes ? Would the interfaces go...
View ArticleClik here to view.
Trouble with excecute netconf on a srx 1400
I have a jtac case on this, but just incase anyone have had the same problem.When we try to excecute commands on the device (we have accessed it with ssh blah@1.1.1.1 -s netconf), the srx closes the...
View ArticleSRX IDP Policy - No counters
Hello,I setup my SRX220 IDP for the 1st time today. I wonder why I don't see counters on traffic outbound? Do I also need to setup an inbound Policy? The Guest Network listed is an internal wifi...
View ArticleSRX650: After the RG0 switchover, the Node 0 traffic is abnormal.
Dear anyone, The master control plane switches from Node1 to Node0. The master data plane is on Node0. Node0 traffic abnormality occurred. SRX650 [12.3X48-D30.7]; Node0 found some log, Dec 30 00:26:48...
View ArticleHow to prefer BGP route over IPsec VPN generated static route
Hi, all, I have a unique situation I don't have an obvious answer for. We have the need to interconnect with a customer by using MPLS-VPN circuit as the primary and IPsec VPN as backup, say we...
View ArticleSRX 320 Client VPN - number of clients limitation?
Hi all,I was trying hard to clarify if the 2 concurrent client VPN-s is still a limitation in Model: srx320Junos: 15.1X49-D45I remembered I had to buy and install licenses for a customer who needed...
View Article