SRX IPsec client VPN
Hi, Many apologies. This is one part of the configuration I neglected. I need to configure an IPSec VPN for client access. So, for example, we will need access to the ISP Data Network via a VPN but...
View ArticleRouting IRB on SRX
I have two VLANs, and two IRB interface for two guest VMsBoth two VLANs is associated with ge-0/0/5 interface and It is a same DMZ zone. They can't ping to each others. What is miss configuration?Here...
View ArticleDownload Speed is Very Slow
Dear All,Download speed of my network is very slow. Upload speed can get full performance.My download speed is under 30kbps everytime without user. How to fix to improve my download speed ....
View ArticleMultiple static NAT to same prefix
Hello I have a need to have 2 static NAT's going to the same server in the same subnet for a few different servers. A example 192.168.5.10 needs to have static NAT of 172.2.2.10 & 172.2.2.100. See...
View ArticleProblem with NAT Juniper SRX
Hey Guys,i am currently facing an issue with natting on Juniper SRX. Topology is as follows: SRX -> VPN-Gateway -> Remote VPN Gateway -> Remote SubnetSRX LAN 10.1.1.1/24 -> Source...
View ArticleSRX240 Virtual Chassis - Master firewall maxed out
Hi there, We have 2 SRX240 firewalls which work together as a VC. We've found recently (within the last year) when logging in and perfoming commands (such as show, commit, etc) the firewall is slow...
View ArticleProblem when enable enhanced mode
I have one pair of SRX and configured enhanced mode on group. and applied its on both nodes.After that I reboot all SRX in cluster but an error still shown root@SRX-Primary# commit check node0:...
View ArticleSRX220H2 upgrading fails
Hi there, I'm trying to upgrade my SRX220H2 to lattes firmware version: 12.3X48-D65 Actually I have: --- JUNOS 12.1X46-D72.2 built 2017-12-23 09:11:03 UTC During the progress of the processing I've got...
View Articleppmd and CPU 100%
Hi,As the SRX is currently not being utilised, other than ISIS traffic and UDP 1812, 1813 and 1814 authentication process, I am a little concerned that the J-Web "resource utilization" shows at 100%...
View ArticleLogical system policies limitations in SRX5400
Can anyone please tell me how many security policies,NAT,Zones can be reserved and for logical system. Is there any limitations? Thanks in advance
View ArticleIP Interface used by bootp helper
Hi,I have 2 SRX210 with configured helper bootp interface vlan.12/13 server 10.111.136.6Both have:set interfaces vlan unit 12 family inet primaryset interfaces vlan unit 12 family inet address...
View ArticleIke phase 2 not coming up --- error Address based phase 2 SA-CFG lookup...
Hello,I am trying to establish a vpn , and i have phase 1 established but on phase 2 i m getting these errors.Would you please have a look and advise what might cause it ? Inside...
View ArticleIp Monitoring not working with NAT
Hello Folks, I have created a test setup with an SRX300 with dual ISP FailoverZiggo is the default ISP and connected through ge-0/0/0.0 with next-hop 10.255.255.254DSL is secondary and connected...
View ArticleAny idea about kernel: ae_linkstate_ifd_change
Recently the following log has been encountered on the one of the high end SRX(s). It is noted it is relating to the pyhsical interface -ge-5/3/9 as the interface is up up from the output of >sh...
View ArticleSRX340 DHCP and Cisco WLC relay - No network access to clients
Hi, I have configured new SRX 340 with DHCP and VLANs for internal and guest access. I can not get the DHCP clients to access the network when using wifi. LAN DHCP is fine. However, if the clients are...
View Articleis it possible block mac-address using zone-to-zone policy in SRX5800?
Hi all, may i know is it possible to block mac-address using zone-to-zone policy in SRX5800. If cannot use zone-to-zone then is it have other way to achived it using SRX5800 family inet. Thanks and...
View Articlesecurity policy based on HTTP HEADER
can I set a security policy to block traffic based on HTTP HOST in http request?
View ArticleSRX 3400 high CPU issue
Hi we have Juniper SRX 3400 Firewall as you see in attachment it has only 38% sessions and its CPU is 99%...Can anyone suggest what we should do? Also find output of command: show system processes...
View ArticleSRX345 Cluster - reth interface members
Hi,I hope somebody can help me with this setup.There is a cluster of two srx345 and two non-stackable switches.For redudancy, each SRX node must be connected to each switch.The current configuration...
View ArticlePrepare CA for SSL Proxy configuration
Hi I would like to configure SSL Proxy so ertificate is required.I have no CA on test environment . Could you guide me the step to configure root CA, generate CSR, sent CSR to CA, load certificate on...
View Article