Why to Use of Proxy-identity in VPN?
Hello everyone,I just want to know why we use Proxy-identity ( Local/remote) in VPN? At our design, earlier we were configuring VPN's without Proxy-identities, but after using NAT in our environment,...
View ArticleClik here to view.
srx chassis cluster and ex virtual chassis
Dear Allwhat is the best practice recommendation connecting srx chassis (active/standby) cluster with ex virtual chassis in Layer 3 deplyoment ?I think about 2 interface in each node as a member of 1...
View ArticlePacket loss from a source to a destination on SRX240
A juniper SRX240 collects multiple VPNs and forward to an output port was found to have packet loss.Example : sequenced packet from interface ge-0/0/0.00 is routed to output ge-0/0/12.0, but certain...
View ArticleHow to monitor RTP traffic on interface
Hi I need the ability to monitor RTP traffic ideally via SNMP. I already do this for traffic a a whole, but I would like to specifically monitor RTP traffic so I konw how mch bandwidth my VOIP servers...
View ArticleSRX - Configure SMTP for Health Monitoring
Hello, i want to configure an email redirection to monitoring my srx devices (SRX 240h & SRX4100). But the only one what i can configure is the email server.we dont use the utm feature. But this is...
View ArticleJuniper SRX 210 Dynamic VPN not connecting and Pulse client stuck on...
Hello, I am at a loss on this one. I have configured via cli and the wizard, and have confirmed configuration many times over. Downloaded Pulse Client directly from SRX device. Model: srx210he2JUNOS...
View ArticleSession Timeout error??
Hello, we have an SRX running JUNOS 15.1X49-D50.3 and we are having a strange timeout issue. attached is a log showing a session from a client A.A.A.A to server Z.Z.Z.Z with default session timeout of...
View ArticleClik here to view.
Packet mode to flow mode compatibility and configuration converter
Hi,We have two SRX240H2 configured in packet mode. There are 15 VRF and 14 VRRP instance(multiple unit configured und ge-0/0/2 interface) configured. Please find below memory and cpu utilization...
View ArticleSession timeout SRX1500 to ISG2000
Hello experts,We have a desing which involves the IPSec VPN between the SRX1500 firewall and Juniper Netscreen ISG2000. There are multiple LANs behind the SRX1500 and a single LAN behind the ISG2000....
View ArticleDynamic VPN with NCP remote client
Hello,I get this error on the NCP gateway when I try connecting NCP remote client to SRX acting as the VPN gateway:VPN error: RECVG-MSG2-AGGR-PSK -> invalid preshared keyI changed the preshared-key...
View ArticleVPN With Mac Computers
Is there a good solution to using Mac with a VPN on the SRX or should I look elsewhere for a VPN solution?
View ArticleFabric link failure and RG0
Is there a way to have the secondary node for RG0 go into an ineligible/disabled state when a fabric link failure happens?
View ArticleNetwork not advertising after policy put in place
Hi, I have probably missed something simple here. I have a network attached to port ge-0/0/8 and have placed a static route pointing to the port for the network. I have also placed this in ISIS as per...
View ArticleSSH Access to SRX1500
Hi, I have checked everything before posting this question (unlike my last one which I apologise for).... I am trying to enable SSH access to an SRX1500. I have no use for the trust zone as I have...
View ArticleAccess between Security Zones
Dear Forum I get nuts with my problem. Maybe you can give me some hints.We use a SRX 340 (15.1X49-D120.3)There are the Internal Security Zone (irb.10) and the Wlan Security Zone (irb.20).From Wlan...
View ArticleHow to redirect a server to another Internet link
Hi everyone. I would like some help to redirect a server in my Company to another Internet link, in a different physical location, interconnected by two SRX240. I'll try to explain next, and post a...
View ArticleSRX340 - JSRPD log to Syslog to troubleshoot HA Cluster Instability
Hi All, Looking for some assistance with a pair of Juniper SRX 340's configured in HA Active/Passive mode. Trying to troubleshoot the instability, where node1 drops out of the cluster with the...
View Articleopenvpn blocked by IDP
Hi,We have srx340 with latest junos and idp signature update. if i enabled IDP on security policy then it blocks openvpn client traffic.if i disabled IDP on security policy then openvpn working...
View ArticleManagement using fxp0 only
Are there any issues with using fxp0 only for management of an SRX? Are there any limitations in regards to SNMP, NTP, etc.?
View ArticleL2 channel errors betwen SRX550 and ex4200
Hi, admin@SRX550-DC-SH> show interfaces ge-0/0/1 extensive | match "L2 channel errors:" | refresh 5 ---(refreshed at 2018-02-18 10:26:29 UTC)--- Errors: 0, Drops: 0, Framing errors: 0, Runts: 0,...
View Article