Entire FPC restart on both node on SRX5800 for second time in this month?
Hi All, I'm facing the entire FPC reboot itself on both node in cluster. Below is the log. Currently i'm already configured RE protect (tcp) by using policer. Is there any way to protect it also from...
View Articleaddresses set by dns-name & security policy
Hello,We just moving from SRX210HE (JunOS 12.1X46-D65) to SRX300 (JunOS 15.1X49-D90) & unfortunately found out that addresses set as 'dns-name' are not correctly used/recognized inside security...
View ArticleUDP Flood Threshhold issues
I'm trying to configure my SRX and finding issues with UDP flood warnings from Gooogle and my voip providor. I have already raised the threshhold to 5000 and am still seeing issues. Doing some...
View ArticleSNMP Help needed
I'm fairly new to Juniper and was tasked to configure our FW to use SNMPv3. We have SNMP configured, and we're using Cacti on a Linux host to monitor graphs and to collect SNMP data. However, it's...
View ArticleSRX NAT
Hi,Well basically I am much new to SRX environment and I need to NAT a public Ip to 2 private IP's on different ports.In Cisco it is quite easy but in JunOS I dont have a clue how it is to be done,...
View ArticleDCOM RPC ALG or pushing SCOM agent installation over SRX
I am trying to push SCOM agent installation over Juniper SRX firewall. The process uses, among other ports, a port set defined as DCOM RPC which basically looks like an MS-RPC ALG application...
View ArticleIs there otherway i can login to RE1 on chassis cluster SRX5800?
Hi all, May i know whether have hidden command that we can use to login RE1 for chassis cluster on SRX5800 without console physical? I'm using redundancy control link thats why have RE1. Thanks and...
View ArticleSRX650 does´nt boot up!
Hi AllMy SRX650 does´nt boot up!After plug the energy cable, appear a prompt blinking and nothing after that.Could you help me?Thanks in advanceDaniel Dantas
View ArticleSRX1500 - Reth
Hi, I Could someone please clear up a point of confusion for me: I have configured an "active/active" and also an "active/passive" successfully, but there is one part of the configuration that is...
View ArticleCannot upgrade firmware on srx1500 due to not enough space?
Hi all, Anyone face cannot upgrade firmware on srx1500 due to storage space. I'm already clean the storage but still fail. Appreciate fast feedback because now i'm already at site infront of chassis....
View Articlesrx chasis cluster redundancy groups
HiI want to ask what is the best practice to configure redundancy groups.I am deploying active/passive srx cluster and have 4 links 1xWAN 2xStS connect and 1xLAN.Should I put every link to seperate...
View ArticleDF bit set in inner packet and GRE imposed header
Hi everyone, I am trying to find some docs to find if SRX copies DF bit from inner packet into GRE header when doing GRE tunneling.Also if TTL value of inner packet is copied into GRE header by...
View ArticleSelect device to boot from
I did an upgrade on my SRX and purposely left the old image on the disk - just in case. So now, things look like they are working okay and I was going to snapshot over the old image. Before I do, I...
View ArticleSRX1500 Strange Cluster Behaviour
Hi, Running 2 x SRX1500 that are currently directly connected via the HA Control Port and 2 x FAB ports (Fibre on ge-0/0/12 and ge-0/0/13 and ge-7/0/12 and ge-7/0/13). Running the command "show...
View ArticleSRX210 behind ISP Modem
I hope I do a descent job explaining this. I want to put my SRX210 between my home lan and the internet. The internet access is controlled through my cable modem. If all the home lan machines were in...
View ArticleIPSec VPN will not establish. Error in KMD log
Hello, Has anyone seen this error before. This is from the KMD.log file. [Sep 24 02:21:04]KMD_INTERNAL_ERROR: kmd_read_securitycfg: dax_get_object_by_path() returned FALSE, secop: 0x0.[Sep 24...
View ArticleLog rules between 2 zones
Hi,I have multipe zones on my SRX5400 and I want to log Accept and Reject packets. security-zone ZONE1 { interfaces { reth0.4 { host-inbound-traffic { system-services { ping; } } } } } security-zone...
View ArticleSRX 1500 LACP issue's connecting to EX4200 and Extreme X460-G1
Hi All I have a wired problem when using LACP from a pair of Juniper SRX 1500's and connecting to a Pair of Juniper EX4200 and Extreme Networks Summit X460-G1 Stacks. The problem is when I have both...
View ArticleProblem to connect SRX to Cisco router
ello all,I try to connect a Juniper SRX with a Cisco 1841. The first one is connected with a VLAN interface:reth0 { description "Link to Cisco 1841"; vlan-tagging; redundant-ether-options {...
View ArticleClik here to view.
VLAN tagging on SRX 100
Hello everyone. I just bought SRX 100 and deleted all the default config. Please consider the following set up: Cisco R1 f1 199.199.199.10---------199.199.199.1 f0/0/0 SRX Cisco R1 and SRX should talk...
View Article