new subnet needed on SRX220H2
Hi there, I need to set up a new subnet because I am being out of IP address. Now we use 10.196.24.X network with 255.255.255.0 subnet mask, gateway 10.196.24.1.I need to set up a new range like this:...
View Articlenested application
How to block a nested application but leave the main page available ??can this be done by using AppFW + IDP policy ???
View ArticleGroup VPN
is it a must in GVPN that all member must use the same key to communicate ?? or i can define different IPSEC SA to different match-policy ????For example i have 3 members A & B & C , i want A...
View ArticleUnable to SSH to SRX100 in DMZ from Internet
Hello, I have put my SRX100 into DMZ of my home router and I am unable to ssh to it from the Internet. As a test I put my PC with FTP server to the same DMZ(same physical port, same cable) and I am...
View ArticleSpontaneous Revert to Factory Defaults Twice in 15 hours
SRX 220, about 2 years old. Yesterday we lost all routing. A quick check revealed the unit reset itself to factory defaults. Logging in to the web GUI using factory-default IP (192.168.1.1) brought...
View ArticleEnable Layer 2 switching on VDSL2 interface
Hi all, I have a feeling that this might not be supported, but I would like to confirm this in case I am missing something Basically we would like to enable the ethernet-switching family on the VDSL2...
View ArticleClik here to view.
Error when commit in LSYS SRX5800 Chasiss Cluster?
Hi all, Is there anyone facing the error as per below when do commit in SRX5800 chassis cluster using LSYS. I'm already have open case with L3 Support but until now engineering team cannot duplicate...
View ArticleHow to bounce back node 1 to join cluster without reboot it ?
Hi all, Is there any command that make the cluster on node 1 back to normal after i delete the monitoring interface? Below is the log. Previously interface xe-23/2/4 was in reth2 but now i'm delete...
View ArticleSRX320-JSB
Dears,I have SRX320 with JSB version, and I want to use some MPLS functionality. Can I upgrade or install JSE on the same HW?or the SW is one time installation?
View ArticleSRX240 cluster with LACP through a Cisco switch
Hi everyone! I would like to ask for some help. We are trying to put together 2 SRX240 firewalls in a cluster with a Cisco switch between them and with LACP between them on the reth interfaces. The...
View Articlesame (sticking ) ip assignment for user in dynamic vpn
i have done the configuration for dyanmic vpn on srx 650 and able to connect the user to private network.how can i restrict a user to get the same ip address each time he connects from the pool. regards
View ArticleIDP ( ip actions)
i have a confusion regarding IP-actions which stop future attacks with matching attributes...why do i need to use it when the IDP policy itself stop the attack and record the target source address ???
View Articledownload limit policer issue
Hi My internet bandwidth is 30 Mbps.I have the policer configured to limit upload and download bandwidth to 2 Mbps to certain user groups.My LAN is connected to ge-0/0/0 and WAN is connected...
View ArticleSRX300 - 15.1X49D-90.7 Configuration
For my private office I needed to radically improve my security capabilities, hence the introduction of an SRX300. I am trying to get basic functionality sorted before expanding my use of VPNs and...
View ArticlePKI
why there is the option digest in the command : request security PKI generate-certificate-request <Digest> ?????? my point is the CA is one who should make the digest and then sign it with its...
View ArticleWe are getting error at login time: /usr/libexec/ld-elf.so.1: Cannot open...
We are getting error at login time: /usr/libexec/ld-elf.so.1: Cannot open "/usr/lib/libjunoscript.so.1”can't login from console also, what is the reason? anybody help me to restore the issue.The...
View ArticleBinding multicast mac address on SRX Chassis Cluster?
Hi all, My physical topology as per below. My question does all the devices before it can reach SRX5800 need to configure something static arp also same as SRX config below? Porta-Web-Voice (virtual...
View ArticleCreate custom destination-port in firewall filter
I was wondering if it were possible to create a custom "destination-port" for use in the [firewall] filterThen create a "protocol set" I want it to be similar to the Cisco ASA ACL using custom objects...
View ArticleFabric Monitoring
Is it safe to enable chassis cluster fabric monitoring on production firewalls with no impact to service?
View ArticleClik here to view.
PKI- validation
would someone please explain to me this Note : why would the initial response be authenticated by the CA-Certificate
View Article