Clik here to view.
SRX 3K SYN proxy problem
Dear friends , we already setup syn & ack proxy but it does not worked , instead of the proxy it detect syn flood.
View ArticleWhy i hate srx and will replace it with fortigate soon
I am getting tired and tired of my juniper srx240 first the web GUI is crap, i wish there is a word worse than crap i can use but i will not say more on that secondly i freaking hate the dynamic vpn...
View ArticleSRX COMMIT FAIL-nterface must be configured under interface
Hi techies, I am testing SRX and I am getting error while commiting changes. No interface is moving into security zones. Error is Interface ge-0/0/2.0 must be configured under interfaceserror:...
View ArticleCaptive portal radius accounting
Good Afternoon We have a customer that will have wired and wireless devices. We require to keep trake of data usage per user. Does the Captive portal when using radius auth pass on accounting data?...
View ArticleSRX cluster, dual ISP's in use all times
Hello everyone, I'm trying to configure a setup, where I have a clustered configuration of 2 SRX 220's, while utilizing dual ISP scenario, where I'm only concerned about failing over if one of the...
View ArticleSimple 1 sentence question
Should SRX 3600 work as syn proxy / chek syn cookie on bridge mode ? i mean with bridge mode : there are 2 MX router and there is an SRX 3K between of them i am routing traffic to SRX and re route to...
View ArticleNeed advice
I need a topology advice. We have an mx80 Router which has 4 port of 10Gbps 1 of them for upper stream other 3 is empty. we have an 10G UDP firewall which need to only face with udp traffic if tcp...
View ArticlevSRX not picking up an IP address
Hi all I just downloaded vSRX and booted it up with my vmware workstation. But none of the interfaces are picking up any dhcp address. I set ge-0/0/0.0 to dhcp but during run mode I don't see an IP....
View ArticlevSRX cluster setup root password complexity question
Hi all I am trying to setup a vSRX cluster, via the the web gui. For the secondary unit it asks for the new root password to be set. When I tried my default password that I use for any of my lab setup...
View ArticleTroubleshooting DHCP relay
Hi, SRX650 How to apply this filtering with "sample" mode , in to order to sample destination-mac-address to PCAP file . [edit firewall]family bridge {filter evil-mac-address {term one {from...
View ArticleAWS VPC VPN IKE Timeout
We have been trying to setup a connection from our SRX240 to our AWS VPC without much luck. We followed the JunOS configuration provided by AWS exactly as written (except for replacing the names of the...
View ArticleSRX with four ISP, Traffic can go out from Internal Work with FBF, but can...
I am four ISP, I set four FBF input filter on the intrenal interface, traffic can go out. But I ping the four ISP interface from outside, no echo reply, but i missing ? I need to change from ssg to...
View ArticleMultiple external interfaces with different Gateway
How to config Multiple external interfaces with different gateway?I use 4 vlan to seperate multiple interfaces, such as reth0.1, reth0.2, reth0.3, reth0.4In the internal interface, I use FBF and apply...
View ArticleInterVlan Problem
Hi,I have a problem with a topology and I can´t find a solution. I want to do a InterVlan with one SRX110 and 2 Switch. I have connected the truck in the interface 7. This is connecected in the port 1...
View ArticleBGP type internal / external
When setting up BGP I note that peering succeeed despite not using type external or internal. Can somone please shed some light on the specific purpose of these options under bgp group stanza. thank you
View ArticleUnable to HTTPS to the webgui thru a VPN st0
SRX-100 at our remote site.When I try to HTTPS://192.168.203.1, I get the following error:Access Error: 401 -- UnauthorizedInterface is not authorized for HTTP access I am at the corporate office. We...
View ArticleSIP Issues with SRX 240
We have set up an Aserisk server to test SIP , SIP ALG has been turned off on the SRX. The phones are on voice network 10.3.0. where as the Asterisk is on 10.1.0 network. In this scenario the phones...
View ArticleSRX show which traffic is hitting the deny policy
Hello, I very often use the 'show security flow session' to see traffic being permitted and creating a session. However, What do you use to show traffic which is hitting the deny policy ?? Many...
View ArticleSRX- 650 || Policy Based VPN || Communication Issue
Hi I've built a Policy based IPSec VPN and having issue communicating from SRX box to far end LAN- 192.168.5.0/24 The VPN Tunnel is UP and LAN to LAN comminication is working without any problem....
View ArticleSRX 3400 |12.1X46-D30.2| Static NAT
Hi all, I'm pulling my hair out here. I have this one rule where its sourcing from the static NAT IP. cbo@SRX-1> show configuration security nat static rule-set rule_L4 rule L4TA25 match {...
View Article