high 'Real-time threads CPU utilization' on fwdd
As per subject.I have a high 'Real-time threads CPU utilization' on fwdd.Yet, 'top -H' or 'show system processes extensive' shows fwdd as only taking 30 to 40% CPU.... Help/suggesstions here ?
View ArticleSRX VLAN Tagged/Untagged Port (packet mode)
Hello all, I am losing my mind here trying to figure out what I am doing wrong with this config. I am off-site from the device and am attempting to do some testing of different configurations and...
View ArticleSRX340 SSD installation
I have been unable to find ANY documentation of the installation of an SSD device for logging in the SRX300 series.I HAVE found references that indicate the following:1) it is supported in our SRX3402)...
View ArticlePrivate VLANs - Juniper SRX Firewall
Hi allWe have a link from our Cisco switch to a Juniper SRX firewall where the Cisco end is configured as a promiscuous port. Over this link we configure a primary PVLAN. Connected to the switch we...
View ArticleNat'ing to public IP space before entering a route-based VPN
I'm trying to set up a route based VPN on an SRX340 to a Cisco ASA. The remote end will not allow private IPs to be tunneled thru and so i have to NAT the traffic on my side to public space before it...
View ArticleFrom ScreenOS to JunOS
Hello Expert, I'm changin some configuration from ScreenOS SSG-550M to JunOS SRX5600 but I have some doubts regarding this change: The current config in ScreenOS have several Virtual Routers my doubt...
View ArticleXE- 10G Interface no Power
Hello,We are installing a new SRX5600 and we are looking that some interface 10G are not working. [ALL SFP are Juniper] Looking the outpower output and there is nothing: show interfaces diagnostics...
View ArticleDoes latest junos D110 on SRX can assign fxp0 into VR?
Hi all, Im reading this url https://kb.juniper.net/library/CUSTOMERSERVICE/GLOBAL_JTAC/SRX-cluster-monitoring-best-practices.pdf and i'm interested on page 79. May i know whether using the latest...
View ArticlePotential slow peers Minor alarm
Hello, I've recently configured an SRX cluster. However, for one of the nodes I get the following alarm: node1:--------------------------------------------------------------------------1 alarms...
View ArticleLSYS on SRX5800 cluster not send log flow session to syslog after Cluster...
Hi all, I have facing wierd problem. On our two syslog server SIEM & Junos Log Collector we not see any flow session log send from LSYS on SRX5800 cluster after the cluster switch over. Previously...
View ArticleClik here to view.
Reverse Static Nat question on SRX
Hi everyone, Case#1set security nat static rule-set rs1 from zone untrust set security nat static rule-set rs1 rule r1 match destination-address 199.199.199.10 set security nat static rule-set rs1...
View ArticleTraceoption and packet filter for GRE encapsulated traffic on SRX
Hi everyone, Please coonsider the following scenario: H1-10.10.10.1---R1- f1199.199.199.1- tun10-------tun10---200.200.200.1 f1-SRX—10.10.11.2-G2R1 has GRE tun10 with tunnel source f1, tunnel...
View ArticleSRX3600 Spoof test
Hello , We were not using our SRX 3600 for nearly 2 years i just want to know if there is an update for this kind of syn attack . Attack is comming from spoofed source so any source ip is not hitting...
View ArticleBlock ICMP Interface Specific - Packet Mode
Hello all, I am trying to prevent my SRX340 (which is in packet mode) from responding to ICMP on a per-interface basis with the firewall family feature set. I am able to create and apply rules that...
View ArticleWhat is Juniper SRX
Hello , I want to know what is an SRX device , what is the aim of it ? I could not tell it is a ddos mitigator, because we have broken and locked the device in hundreds of way I could not tell it is a...
View ArticleSRX1500 RMA Secure return
We need to return an SRX 1500 using the RMA process. The unit is coming from a secure environment and trying to find the best way of returning the equipment with least traces of data- short of...
View ArticleClik here to view.
Having Issues Updating IDP Signatures
Hi Guys, Currently having some issues updating IDP signatures on my devices, just realized this recently. Getting the error of: error-message="Done;FetchingSignatureUpdate_tmp.xml.gzfailed, error:-1"]...
View ArticleClik here to view.
Cannot reset root password
I'm trying to run the root password reset and get through all the steps but the system will still not login me in with the new password. It just drops me back to the login: prompt. If I give it an...
View ArticlePacket mode interface failover
Hi, We have two SRX in packet mode. their are two ISP link connected on per gateway for redundancy.ISP1 is connected on ge-0/0/0 interface and ISP2 is connected on ge-0/0/1 interface. Here if...
View ArticleHow to advertise static routes in BGP
I will have a /24 routed to me over bgp, and I would like to subnet and statically route the /24 to various interfaces from my SRX340 in packet mode. I have set up an aggregation policy so that when...
View Article