Firewall stuck
Hi I have SRX 3600 firewall. It gets stuck at => prompt. I set env settings (e.g. ipaddr, serverip, subnetmask) and then try to load the loader to upgrade new device firmware via tftp. But device...
View ArticleIs is have traffic impact?
Hi all, may i know if i add command "set security nat source address-persistent" in the life traffic nat is it will impact the current traffic? One more thing what actually purpose of nat source...
View ArticleQuestion - Configuring two DHCP server
Hello all, I've been using a DHCP server for long time, and configuration is in place and working (This is an SRX in Chassis cluster). Now I want to use a new DHCP server but only for 2 interfaces as a...
View ArticleAccess Internal IP of firewall over VPN - SRX 340
I am currently setting up an SRX340 in chassis cluster mode, however when VPN'ing in I cannot seem to access the internal IP of the SRX firewall to manage this device. I have tried setting up various...
View ArticleVPN Route issue with traffic selector
Hello All,I got srx240 (Version : 12.3X48-D40.5) in cluster mode. I got 2 ISP links terminated on each node( active/backup) . IPsec VPN tunnel configured on each ISP for remote access. Totally I have...
View ArticleDestination NAT for PPTP failing randomly
Hello, I would like to know if anyone has experienced something similar and/or find out if this is a known issue? The issue: we have a policy ( untrust to trust ) to allow pptp traffic to an internal...
View Article"verify-sig:" error when upgrading software on an srx650
I get an error when upgrading the software package on a SRX650. I have 2 identical 650s, one had no issue, one gives an error. I have tried downloading 2 different packages, same issue. I have...
View ArticleSRX and ESX Configuration Assistance For Newbie
Hello, I have two networks at home which right now are all part of the same network with the exception of two physical wireless APs on separate SSIDs; one for work and one for home. I own a SRX240H2...
View ArticleSRX5800 -->minor alarm Mixed Master and Backup RE types?
Hi All, I have buy SRX5800 with dual RE. May i know how to clear chassis alarm as per below: root# run show chassis alarms 1 alarms currently activeAlarm time Class Description2017-02-23...
View ArticleSRX 1500 Software Upgrade Error
Hi everyboy, i try to upgrade a SRX 1500 from 15.1X49-D60.7 to 15.1X49-D70. I tried the installation package called "junos-srxentedge....", but i got an error: root>...
View ArticleSRX3600 SCTP Sec policy junos-gprs-sctp vs junos-sctp-any
Hi, we're about to configure some security policies on a SRX3600 box for SCTP traffic So far the security policy is buit-up with the src&dest ip subnets and application set to junos-sctp-any i...
View Articleenaling ssh service on loopback interface in srx1500
Hi all, i want to configure ssh service on my loopback interface in srx1500.i put this interface in trust zone and enabled services all and protocols all on this zones.and beside that i enabled...
View ArticleClik here to view.
[JSRX210H] Deleting commands results it syntax error, expecting ';', [Enter],...
Hello. I have JSRX210H and recently I configured access from outside to my virtual machines, like this: edit security nat destination set pool dst-nat-pool-student-vm1-ssh address 172.16.254.155 port...
View ArticleUnable to SSH/HTTPS Secondary node on SRX 5800 Cluster
Hi Experts, I am facing the issue accesing secondary node in SRX 5800 cluster from management network.below is the config.. Set version 15.1X49-D60.7set groups node0 system host-name node0set groups...
View ArticleConfiguring maximum bandwidth shared between two logical interfaces for cos
We are trying to setup some COS policies with percentages of the total bandwidth assigned to interfaces.Some interfaces connect to the same internet connection and should share the same configured...
View ArticleSRX5800 LSYS suddenly ignore the security policy?
Hi all, Is there any one here exprience the LSYS in SRX5800 suddenly ignore the security policy that we area created? For example i'm create the new security policy and after i do command show security...
View ArticleHow to change ssh default port for extra security in srx1500
Hi all, i want to change ssh port to 2222 for extra security in srx 1500 , how to change it any configuration pls...
View ArticleTraffic not passing/Session not showing on Primary SRX 3400
Hi All, We have two SRX Firewalls 3400 running in HA recently we are facing some issues in it. We have a switch that was accessible previously using 10.11.5.173 IP but now its not accessible.After...
View ArticleAgressive tunnels SRX300 15.1X49-D75.5 fail to work
We have around 80 odd sites with ipsec route based tunnels and some with agressive tunnels that have 4g or natted connection.We have just added a nex SRX320 into the mix and it wont get phase1 with an...
View ArticleMTU size different between physical and logical interface
Hi all I thought MTU is a physical property of the interface according to my JNCIA? So how come reth1 below has two different MTUs? Which one is the accurate one? Thanks {primary:node0} FW> show...
View Article