Adding 2 public IPs to SRX220h causes the site-site VPN go down
Hello All,Here is the scenario. We have site1 with SRX220h and site2 with SSG5 routers. Both are connected using policy based IPSec vpn with preshared keys. We also have static NATs and related...
View ArticleJuniper SRX550 issues
hi,gays I have a problem with Juniper SRX 550 HA,My interface Reth3.0 have five ip address in CT-2 VR. But i can not ping internet using 222.73.109.XX5, just ping can not ! the other address normal....
View ArticleAny Tools for migrating from SRX240 to SRX340?
Does anyone know if there are tools to ease migration from an SRX240 to a 340?I'm finding the config files don't just flow straight over between JunOS 12.x and 15.xThanks, -Ben p.s. I did see a link...
View ArticleSRX vs SSG Performanc
Hello, Wondering if you could help with an issue we are seeing with performance of a particular application is much better when routed through a SSG 550 than via an SRX550. When using the built in...
View ArticleLog Stream 2nd host IP
On a SRX1500 there is currently a log stream setup which is sending a copy to a log server and i would like to have the logs sent to a second server. How would i set that up, when I tried to add a...
View ArticleSame serial no at RE1 for both cluster setup on SRX5800?
Hi All, May i know if someone here has setup SRX5-series cluster with redundant RE (dual control link). Is it expected the RE1 on both node has same serial no when do command "show chassis hardware"?...
View ArticleSRX honeypot
Does SRX support honeypot ???would someone please explain the function of this utility as all i know it makes the device impersonate an application server
View ArticleIDP protocol decoder
please help me correct my understanding regards IDP protocol decoder : 1) The main functionality of protocol decoder is to verify protocol integrity ( which means the protocol meet the standard...
View ArticleCapturing security flow messages (RT_FLOW)
Hi, I am trying to understand why some SRXs I have are showing RT_FLOW_SESSION_CREATE messages in the logs and some are not. Looking at the configuration they are all the same for logging to the file...
View Articleconfigure nat on srx
Hii have one srx and i have to do one configuration of nat, with source and destination to connect 2 firewall with static route and i use this config. some could i tell me it is fine or wath kind of...
View ArticleSRX 3600 SPC NPC throughput
Hi All, I have question on the max throughput of the SRX3600. From my understanding the NPC is limited to a 10 Gigabit full duplex connection to the SPC(this is an older doc I found on the 3600)....
View Articleevent-option events to trigger
Hello All, I would like to know on what event i can trigger when detecting chassis cluster control/fabric link port is downwhat i want to achieve is to disable a node (in cluster) when there event when...
View ArticleSRX specific web traffic to appliance
Looking for a way to direct all web traffic (http/https) destin for address proxy.company.com to get directed to a web appliance. Again only looking for traffic destin for proxy.company.com to get...
View ArticleCONFIGURE ONE INTERFACE WITH BGP O A SRX 300
HI how can i configure one interface on bgp on my srx regards
View ArticleUse domain controller to assign addresses to dynamic vpn?
I have my dynamic VPN up and running and would like to know if it is possible to have the domain controller deliver IP addresses via DHCP to the dynamic-vpn clients?
View ArticleWorking linux dynamic vpn client for SRX320?
Hello.Does anyone know of a _working_ linux dynamic vpn client solution? I have a SRX320 unit for which I configured dynamic vpn with AD authentication. Windows Pulse client works perfectly well but I...
View ArticleClik here to view.
SRX100 - Problem for modifiy a static NAT
Hi everyone ! One of my client have a srx100 Juniper and i meet a problem for replace a static NAT. To the juniper, a technician have create a static NAT 2 years ago (in the menu NAT → Static NAT) ....
View Articlechecksum Vs Hash digest
both checksum and digest provide the ability to gurentee that the data was not modified So what would make Hash code better than checksum ??
View ArticleSSL Handshake
when a client web browser establish an SSL handshake with a webserver >Both of them exchange a 32 byte preusedo random number and from both random numbers will be used to compute a pre-master...
View Articlemonitoring security flow trouble starting
Hi All, I'm trying to debug some traffic and I've always done the method of setting up packet filters in edit mode with a commit. However I've discovered the monitor security flow commands today,...
View Article