How to get "Session Creation Per Second"
We have been trying to collect how many sessions are created per second by using this command but every time filed.show security monitoring fpc 0 |no-more every time this answer is "0"Dose this comand...
View ArticleJuniper Part Number for Anti-Virus subscriptions on SRX340
Does anyone know what these are? I've looked here and on CDW etc....and can't seem to find anything..... Thanks! -Matt
View ArticleSRX Upgrade from 11.4
Hi folks, I need to perform an Upgrade via ISSU from 11.4R9.4 / 11.4R10.3 to 12.1X46-D65.As far as I can tell a direct ISSU will work without intermediate Versions, correct? I found the following "nice...
View ArticleIs it true cluster ? SRX-220
Good day everybody. I have an issue with a cluster of srx220I've made cluster step-by-step based on https://kb.juniper.net/library/CUSTOMERSERVICE/GLOBAL_JTAC/NT260/SRX_HA_Deployment_Guide.pdf I have a...
View ArticleScreenOS to SRX migration with Configuration Mapping
Hi, I am doing migration of ScreenOS to SRX and get below commands, need to know similar commands for SRX or way to able to achieve by these commands. set envar ipsec-dscp-mark=yesset envar...
View ArticleUTM Whitelist not working
I need to setup the SRX UTM to allow only white listed urls. My problem is that the white list is not working. The black list does work so I know UTM is working. Can anyone see what's wrong in my...
View Articlesrx 240: permit any to any inside traffic desn't work
SRX 240B with JUNOS Software Release [12.1X46-D35.1].All inside traffic pass through the same interface ge-0/0/1: ge-0/0/1 { unit 0 { family inet { address 10.246.0.1/16; } }I added static route :route...
View ArticleFlow mode and packet mode combination for cluster
Hi, The customer has 3 ISP link(1 lease line (BGP), 1 MPLS and 1 P2P) and one internal VLAN.The customer is expecting flow base clustering for HA and packet mode configuration for ISP and VLAN. Can...
View ArticleClik here to view.
SRX100 - Problem to ping logical access vlan interface.
Hey everyone ! I currently have a srx100 Juniper. My wish would be to define multiple access vlan on a physical port of the Juniper. To validate my configuration I realise a ping from my PC...
View Articlesyn-ack-ack and limit session
HII would like to know too, if the limit session consider a complete threeway handshake as a session, or only a syn sent by a source?I would like to understant the relationship between the follow...
View ArticleSite to Site VPN between SRX210 (HA Cluster) and Standalone Cisco ASA
Hi I need to configure Site to Site IPsec route based VPN between SRX210 (HA cluster) and standalone Cisco ASA. Please share sample configuration for same. Quick response is highly appreciated.
View ArticleSrx100
I have an srx100 firewall set up by a another. It is used for PDQs so used static binding for the Mac addresses of the PDQs to set addresses etc etc.I'm wanting to change some of the old mac addresses...
View ArticleStatic binding and srx100
HiI have an srx100 firewall set up by a another. It is used for PDQs so used static binding for the Mac addresses of the PDQs to set addresses etc etc.I'm wanting to change some of the old mac...
View ArticleSRX300 and VPN tunnel interface
Hi,Can anyone tell me how many tunnel interface is in SRX300 ? In datasheet is information "IPsec VPN tunnels: 256" - does it mean 256 tunnel interface ? So far (ie SRX100) datasheet say:"Concurrent...
View ArticleDoes Changing MTU/MSS Need Reboot
Hi Guys I am about to make changes to a customer SRX to make sure MTU/MSS are good for the IPSEC VPN that they have. Will these changes require reboot of the SRX? AmitNetwisdom...
View ArticleSSH failed to delete .perm file
Hello After I upgraded SRX100 software to version 12.1X46-D55.3, then I started to see following log messages after I login usin SSH. Mar 3 09:26:20 xxx-xxx sshd[15082]: unlink(): failed to delete...
View ArticleMACsec silently fails on SRX300 -- security hole?
Per the data sheet, the SRX300 supports MACsec on 2 ports. The documentation doesn't say which. For the avoidance of doubt I've tried this both on one of the obvious likely candidates (the two SFP...
View ArticleHow to log UTM blocked and permitted-logged URLs?
I need to see what URLs are being blocked by UTM using Enhanced WF.
View ArticleDHCP, SRX320 and out of my depth
Hello All,I'm sure someone will look at this for about ten seconds and spot my issue. So if you're out there, I appreciate your help in advance. This is my first foray in to Junos/SRX as I'm replacing...
View Articlesyslogs for a specific routing instance
folksdoes anyone know if its possible to separate the logs for a particular routing instance and its rules from the master and other instances?thanks to anyone taking the time to reply
View Article