Setup SRX cluster
Hello Experts, This is the first time I am trying to setup clustering in a SRX firewall. So please excuse if there is any silly mistake I made.I have done the configs in both the devices and then...
View ArticleVPN Connection access problem
Hi all,I have a problem with vpn access. I have 2 sites, lets say Site A and Site B connected together. When I connect to SiteA' s VPN theres no connection problem. I can connect to both sites servers...
View ArticleAlarm/notication around schedule srx policy
Im sure most of you that works with firewall have come across all this rules that was done like 5 years ago that was supposed to be temporary (have comments like will be removed after 20/2 2012 etc) Im...
View ArticleClik here to view.
How to bypass some attack database list?
Hi all, Currently on my IDP, im use Recommended policy template. May i know how i can make exception IDP block some attack especially attacj as per BOLD highlated? {primary:node0}test@srx5800> show...
View Articlesource to destination access through 2 NIC PC
Hi,Host(source) machine has 2 NIC cards. If 1 NIC disabled then only host can reachable destination IP address. If both NIC "Enable" host can reachable up to gateway IP address only. we have 2 firewall...
View ArticleSRX Traffic Log
Hello Experts,I have done the below config to enable logs in a SRX Firewall.file traffic-log { any any; match RT_FLOW_SESSION; } file accepted-traffic { any any; match RT_FLOW_SESSION_CREATE; } file...
View ArticleRe-ordering Policies on SRX1500
Hi everyone, I am new to Juniper environment and just to know the orders in which Policies are evaluated. and if i make a new policy then whats the way around to put it on the top so that it is...
View ArticleSRX320 Power Specification
Rather than run off of the supplied 120VAC brick, I'd like to run an SRX320 off a system DC supply. The local station nominal 12VDC supply is 13.8-14VDC. I can't find any documentation on the min and...
View ArticleL2 channel errors betwen SRX550 and ex4200
Hi, We're viewing cumulated L2 channel errors on SRX550 ports which is part of aggregation connected to EX switch admin@SRX550-DC-SH> show interfaces ge-0/0/1 extensive | match "L2 channel errors" |...
View ArticleSRX340 Firmware Help!
Greetings, I am new to Juniper devices and have encountered a problem when updating the SRX340 firmware, it's probably something minor but I can not seem to locate the cause of my issue. The current...
View ArticleStatic NATing public IP on untrust interface to private IP on remote side of VPN
I have a SRX300 configured to accept traffic from Untrust interface for 5 different static public IPs.Each public IP maps to an internal IP (web server, etc...) on the LAN connected to Trust interface....
View ArticleIPsec tunnel up, no traffic flowing
Hi I just configured my first VPN but no traffic is flowing betweens sites. My remote site IP is: 10.31.30.0/24 and 10.31.200.0/24. and local is 10.31.10.0/24 Here is show security ike:root@i3d-r1>...
View ArticleSRX110H2 DHCP Problem
Hello, After commiting configuration regarding any DHCP settings (IP address reservation for example) on our SRX, DHCP stops working and we need to physicaly restart the box. Restarting services doesnt...
View ArticleConfiguer bespoke Ports
Hi, I have configured a security policy that works as I expect it to by denying ping to the RADIUS server from anywhere other than one particular interface.I also need to set the said policy with...
View ArticleSRX Redundancy group Priority
Hello Experts, I have done the below configs in a SRX FW cluster to edit the default priority of a Redundancy group. However the the priority value is not changing. user@srx-a> show configuration...
View ArticleInterface monitoring and failover
Hi,Please go through below configuration and suggest your openion on my requirement.1) If node 0 interface ge-0/0/2 goes down/disconnect node 1 interface 5/0/2 need to active and pass traffic but node...
View ArticleNo traffic across reth
We have a SRX340 cluster that we're trying to connect up to a virtual chassis consisting of 3 EX3400s, and haven't been able to get traffic to pass across the link between them. All the interfaces...
View ArticleBlock IPv6 DNS Requests
Hello allIs it possible to block IPv6 (AAAA) DNS requests from clients but still allow IPv4 requests on an SRX firewall? Any guidance would be appreciated.Thank you.
View ArticleL2 channel errors betwen SRX550 and ex4200
Hi, admin@SRX550-DC-SH> show interfaces ge-0/0/1 extensive | match "L2 channel errors:" | refresh 5 ---(refreshed at 2018-02-18 10:26:29 UTC)--- Errors: 0, Drops: 0, Framing errors: 0, Runts: 0,...
View Article'HA control port cannot be configured' Error
Hello Experts, I am trying to setup clustering in a lab SRX devices. But I am stuck at this error. user@SRX100b-2# show interfaces fe-0/0/0 { unit 0 { family inet { dhcp; } } } fe-0/0/7 { unit 0; }...
View Article