Globalizing ipv6 addresses, srx240.
I have been able to globalize my link local addresses(fe80) on the network(external/internal). I have not been able to globalize my global(2001/2601) addresses. My dhcp configuration shows this as an...
View ArticleWindows Server 2016 MSRPC Issues
Hi All, Just a heads up that Windows Server 2016 appears to have issues with the 15.1X49.D100 MSRPC ALG. I have been trying to get a Win 2016 Server to join an existing domain, however the MSRPC ALG...
View ArticleFirewall filter block source nat
HelloMaybe someone can help with my problem. I have srx cluster with firewall filter rule on engress interface.Also i have one subnet 192.168.2.0/24 behind the srx and there was source NAT for...
View ArticleMigrate from SRX220H to SRX220H2
Hi. At the moment I use an SRX220H [12.1X46-D65.4] and I would like to buy another one for backup/upgrade purpose. I do not need a high availability setup (cluster), so I think I will purchase an...
View ArticleLocal certificate sometimes removed after reboot
Hi,We have a hub/spoke IPSEC environment using PKI+NDES for certificate enrollments. Everything works great except from when there is a power outage or if a spoke reboots for some reason then the local...
View ArticleVPN site to site Juniper-Cisco with 8 encryption domain
Hello, I’m trying to configure a site to site VPN between a Juniper SRX 550 (my side) and a Cisco ASA 5555 (partner side). They imposed the configuration and I try to match it. I have no detail of the...
View ArticleClik here to view.
How to recover SRX240 w/o OS
Hi, I just got an SRX240H without OS. It boots like that: => reset U-Boot 1.1.6-JNPR-1.7 (Build time: May 4 2010 - 06:59:58) SRX_240_HIGHMEM board revision major:1, minor:42, serial #: AACS2471...
View ArticleSRX session creation doubt
Hi, all, I have a scenario that SRX worked, but I am not sure it wored the way I am expecting it to work, look at the following topology: +--[ge-0/0/0]--...
View ArticleSRX 240 strange destination nat work
Hello, we have SRX240B on one site. Strange things hapens with this srx. On SRX installed JUNOS 12.1X46-D65.4 built 2016-12-30 software. On srx is configured many destination nat rules. Then i want to...
View ArticleSRX does not send router advertisement on reth interface
Hello, we have srx210he2 operating in chassis cluster and would like to provide ipv6 access for our local network.Here is configuration:admin@GW0# run show version node0:...
View ArticleIPv6 traffic from SRX side does not go through IPSEC tunnel between SRX and M7i
Hi! It seems that SRX is unable to encapsulate ipv6 traffic over ipv4 ipsec tunnel.We have this topology: st0.0 10.15.15.34/30 10.15.15.33/30 sp-1/2/0.7 st0.0 2fff:ffff::e/126 2fff:ffff::d/126...
View ArticleIneligible hold timer not expiring on SRX 340
Since upgrading SRX 340 from 15.1XD60 we are seeing a strange behaviour where the Fab 0 link does down taking down the cluster , rebooting the secondary node temporarility restores the cluster heath...
View ArticleUnable to access ntp/radius server from reth0.0
Hi,my srx5400 is configured with 4 zones:- Zone 1 is for ADMIN- Zone 2 is for USERS- Zone 3 is for TESTS- Zone 4 is for SERVERS reth0.0 is zone 1. It's my administration network. The srx IP is...
View ArticleHow to use web-filtering juniper-local & juniper enhance at same time?
Hi all, I'm in on the way testing UTM feature. When it come to web-filtering, may i know whether is have other way we can user juniper-local & juniper-enhance both at same time? Thanks and...
View ArticleSRX340 problem getting traffic to server via NAT
Context: I'm a Juniper neophyte, but I have a number of years of experience with Cisco I'm attempting to get traffic passed through our SRX340 to our nginx server that proxies all the traffic to our...
View Articleis it Sky ATP create realm down?
Hi, Can someone try to create security realm using Euro? When i'm try login then error appear. https://euapac.sky.junipersecurity.net Thanks and appreciate any feedback
View ArticleNo ssh root access after upgrading to JunOs 17.3R1 on SRX300
After upgrading our SRX300 from 15.1X49-D100 to 17.3R1 yesterday everything continued to work just fine, except that we now get an "access denied" error when trying to login via ssh. The OS upgrade was...
View ArticleSTATIC NAT and PROXY ARP Scenario on SRX
Hi everybody, Please consider following scenarios: CASE1 Host)10.10.10.10/24----10.10.10.1/24 F1 SRX F2 /1.1.1.1/24---1.1.1.2/24 PE-Internet Above we are using STATIC NAT, so whenever Host...
View ArticleStatic NAT Question
We are configuring static nat for various translations using /32 addreses that are not part of the address space configured on the interface and I need to get the /32 addresses into the routing table...
View ArticleRestricting access to a site-to-site VPN connection
For compliance reasons I need to be able to restrict what users or computers are able to traverse a site to site tunnel to our colo facility. From what I've read here and in the KB it isn't clear to me...
View Article