SRX VPN question
Hello, I have a small network which contains 3 sites. HQ, Site 1 and Site 2. There is a picture attached. I have a route based vpn configured from HQ -> to Site 1. It works fine. But when I have...
View ArticleMultiple Wan subnets on SRX550 in HA
Hi I need help with correct assign new WAN IP pool to our SRX550 in HA 1. old pool xx.xxx.232.136-1392. new poolxx.xxx.239.17-29 Actual configuration:WAN interface reth0 { description "LINK TO INET";...
View ArticleSRX timeout
Looking for assistance on applying a custom application that would set the Inactivity-timeout to never and not cause issues to a site to site vpn that it will be applied to. Reason for this is that a...
View ArticlejnxJdhcpLocalServerDuplicateClient traps
I recently reconfigured an SRX300 to use JDHCP. It had been using the deprecated DHCP configuration. Now the firewall is sending hundreds of SNMP traps like those below.As far as I understand the trap...
View ArticleRe: L2TP over IPsec to Microsoft RRAS
Hi Clatham, Would you please share step by step I need to configure my SRX 240 to allow traffic to RRAS server from outside!It would be very helpgu; to explain a little bit more from where should I...
View ArticleSRX210 Multicast PIM
I have been able to pass multicast traffic from one srx210 to another and all works well in only one direction. Is there a way to pass the multicast trafic between srx's in both directions = senders...
View ArticleJunos-Host
i need an expert guide regarding Junos-Host zone:*Would please provide me with examples or cases where you have to use junos-host zone ????? >i figured out that i should use Junos-Host for example...
View ArticleTrafic Monitor on SRX210H
Hi all, I dont see any traffic/packets when i run the following: root@SRX210> monitor traffic interface ge-0/0/1 matching "host 192.168.1.2" no-resolve extensive Address resolution is OFF....
View Articletransparent mode rate limit with per IP
Hi all,I have a srx550 with transparent mode ,How can I configure rate limit with per IPfor example ip1 192.168.0.2 bandwith limit 2Mip2 192.168.0.3 bandwith limit 3M
View ArticleSrx240 and avaya ers5000 5510 MSTP
Juno's 11.47, ers5000 6.2. I have srx working in mstp mode with cost and msti going. I see that the avaya has cist working but I'm wondering if the srx has a special union of vlans. I have multiple...
View ArticleFirewall rule not working
I intended the policy to allow only a single source address to be allowed to access the port but it seems to allow any IP address to establish a session. What am I missing? policy TEC_Panel {...
View ArticleClik here to view.
TCP-RST
why do i need to enable this feature ???? will it protect me from attack or something ????
View ArticleDynamic VPN replacing Cisco Concentrator
Hi We are replacing Cisco VPN concentrator with Juniper SRX cluster, so I have a couple of questions; - Do I have to user reth or Lo0 interface for the VPN termination? - In concentrator each group of...
View ArticleUser Role Firewall
i have read about user role policy ???but i dont know why i would use it or when to use it ??have any one working as a security engineer knows when or why i would use it ?
View ArticleSRX 300 using ACTIVE DIRECTORY to authenticate users and allow access to the...
Hello , I have an requirement of SRX 300 firewall to use Active directory to authenticate users and provide access to the resources behind the firewall .We have many groups created in Active directory...
View ArticleHow to set up Remote Access VPN at SRX300
Hi I use the following products:: SRX300 version 15.1X49-D80.4 I would like to use Remote Access VPN, and attempted to configure with looking following...
View ArticleDHCP: two IP for one MAC???!!
Hello.SRX Model: srx100bJUNOS Software Release [12.1X46-D66.1]part of the config:~~~~~set system services dhcp static-binding 00:17:c8:45:51:1e fixed-address 192.168.132.21set system services dhcp...
View Articleaddress persistent
How does address persistent reserve IP address for the internal host from SRX point of view ?for example :>If an internal host initiate a telnet session to outside host ??Does the SRX will reserve...
View ArticleClik here to view.
Persistent NAT ,
how does this LAB is going to work and port overloading is off ???? * it is suppose that if it is off the SRX will not be able to differntiate between 2 hosts using the same source port
View ArticleDHCP: POS can't get address
Hello.here is my box SRX Model: srx100bJUNOS Software Release [12.1X46-D66.1]part of the config:~~~~~set system services dhcp static-binding 14:1f:ba:e3:9b:65 fixed-address 192.168.132.22set system...
View Article