Hi Spuluka,
Thanks for the url given. FYI, we have 3 SRX 5800 (Cluster , A, B , C) chassis cluster and one of them (Cluster A) is MacAfee can received the syslog may be because it have direct connected to Cluster A. But Cluster B and C is using routing to reach MacAfee.
Hopefully someone out there can give some workaround because now they think it SRX issue not SIEM issue.
Can you arrange a packet capture at the SIEM or the connected port?
That is really the way to verify which side this is on. Since you have the same configuration successfully pushing logs to the Space log collector and not to the SIEM, I'm leaning toward the issue being with the SIEM config.
But once you verify whether or not the data is arriving at the SIEM that gives you the ammunition to work with TAC on either side and resolve the issue.
Would that affect the static NAT?
we are under an attack that sends syn packets with impressively high mtu , do you have an advice for that it creates so high traffic nearly 5Gbit
so no body faced with that
anyone trying to help?
baffles me DHCP doesn't work well and not getting how Juniper gets so much respect making something that doesn't work well and for how long was this in use by so many people? but did not work well
Hi,
Yes this would need root privileges.
Regards,
Sahil Sharma
---------------------------------------------------
Please mark my solution as accepted if it helped, Kudos are appreciated as well.
Dear All,
Good Day,
I try to configure ECMP With different weight which I have two lines one of them 12M and other is 8M So I need to divied bandwidth to 60% and 40% to make the best design (12M--->60% & 8M--->40).
Please any one know how to configurtion that match my needs.
For DoS attacks on the SRX you can use screen functions to detect and drop the malicious traffic.
Hi,
Here is an example of how to acheive this using policy-options in BGP :-
http://www.juniper.net/techpubs/en_US/junos15.1/topics/example/bgp-multipath-unequal.html
Please test if this works for you on the SRX.
Regards,
Sahil Sharma
---------------------------------------------------
Please mark my solution as accepted if it helped, Kudos are appreciated as well.
You can weight for interface bandwidth using IS-IS or eBGP. But I'm not sure if this feature is active on the SRX series.
Hi Junipersrx240,
Sorry to say, you are acting very ungrateful for the (free!) help several people have tried to give you where a lot of the issues you are facing are simply because you haven't taken the time to actually try to understand how Junos works.
No matter if people provide set commands, config snippets or just advice on the device architecture, you should be greatful.
DHCP is working very well and has been doing for ages. JDHCPD has been the recommended version since 2013/2014 - so complaining about Juniper keeping support for legacy dhcpd for 3 years instead of just removing support after 6 months, is quite good.
I would suggest that you start looking at the Day One books which gives a very good introduction to Junos and the different Juniper platforms: https://www.juniper.net/us/en/training/jnbooks/day-one/ - That would give you idea how to navigate the Junos CLI and use the help which people have provided.
srx does not have capability of good performance on syn attacks
http://forums.juniper.net/t5/SRX-Services-Gateway/SYN-Attack/td-p/301483
Hello,
This is possible on MX with flexible offset filters
Requires JUNOS 14.2 and newer.
I personally wrote such filters for a customer of mine albeit for a different task but I know that these filters are very adaptable and can match arbitrary bit pattern in an IP packet/MPLS frame/Ethernet frame.
Please contact Your Juniper account team if You have difficulty configuring those so that Juniper Professional Services could help You.
HTH
Thx
Alex
hi,
with the jdhcp the same issue
i dont know what happen
Hi everyone,
I am new to Vitual Router in Junos. I have EX2200 and SRX220. Now its running in default router config - routing options & VPN IPsec... I having plan to create a VR for Operator to config some ports on default router also use VPN and then routing to default SRX router. Anyone have same issue, and how to configure it so i can understand it well.
Many thanks!
Try debug:
set system services dhcp traceoptions file apple-credit-trace.log
set system services dhcp traceoptions flag all
>show log apple-credit-trace.log
Hello Ling NG,
You can refer to the KB article below:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB16453&smlogin=true&actp=search
Regards,
Rushi
Thanks Rushi,
I have confuse about user permissions. I want to create an operator user with access privileges that user only can config on VR like super-user but cant config on default router. is it possible?
When you buy an SRX300, is there a requirement to buy a JSB license? It seems to me that this is the base capability.
I appreciate that the JSE license offers advance routing features such as MPLS.