nope =)
need some internal documentation or success story.
KB is complete useless because of no explanation
↧
Re: DHCP option 121. how to specify /16 mask?
↧
HOW TO BUNDLE LAYER 3 INTERFACES ON SRX 1500
Hello,
I have SRX 1500 and i want to bundle to the XE ports and assign IP addresses to them, how can i do it?
Thank you in advance.
↧
↧
Re: DHCP option 121. how to specify /16 mask?
agree, but I know that option 121 is an array of unsigned interger.
So try the array I have sent with byte or unsigned-integer instead of integer.
↧
Re: DHCP option 121. how to specify /16 mask?
no difference.
↧
Re: DHCP option 121. how to specify /16 mask?
↧
↧
Re: DHCP option 121. how to specify /16 mask?
I've read rfc.
according it my config have to be:
set system services dhcp option 121 array ip-address 16.172.16
set system services dhcp option 121 array ip-address 192.168.55.1
as explained at page 3.
but....
↧
Re: DHCP option 121. how to specify /16 mask?
Try this one :
set system services dhcp option 121 array string 0x10AC10C0A83701
↧
Re: DHCP option 121. how to specify /16 mask?
becoming worse
↧
Re: Proxy-ID
I can use cisco asa with crypto maps in one side and srx with traffic-selector in the other side, with no problem. I have this deployed and working fine 
.
↧
↧
SRX - MPLS as primary path / IPSEC VPN as secondary path
Hi all,
i would like to know if someone can suggest how i can deploy the following scenario:
1- one path through the trust zone connect to destination through mpls link;
2- if the mpls link goes down, one vpn site-to-site need be established automatically and the destintion need be reached through this vpn;
Someone know how i can deploy this?
Note: the vpn site to site that will be used as secondary path will use traffic-selector as proxy-id config.
When i use traffic-selector as proxy-id config, the routing table to the other side display the route as [Static/5] automatically.
Someone has any idea how i can deploy this?
Tks,
João Victor
↧
Re: HOW TO BUNDLE LAYER 3 INTERFACES ON SRX 1500
Here is an example of setting up the AE bundle between the SRX and EX
https://kb.juniper.net/InfoCenter/index?page=content&id=KB22474
↧
Re: SRX - MPLS as primary path / IPSEC VPN as secondary path
Hello,
You can refer to link below for reference:-
https://kb.juniper.net/InfoCenter/index?page=content&id=KB29227
Regards,
Rushi
↧
Re: Question abot logical-systems and address-book
Yes you can, at least the CLI support.
BTW, lsys can only be supported on HE.
↧
↧
Re: SRX240 Change the Broadband IP
Hello,
The default route can be set 2 routing?
The new IP and gateway is different by existing.
Thanks!!!
↧
(Juniper SRX) Configure dual internet connection
Hello, i want to ask,
i have 2 internet connection with static ip public and i want to configure my juniper srx 100 with scenario like this:
a. user with ip address list 1-30 connect to internet with ISP 1
b. user with ip address 31-254 connect to internet with ISP 2
i have already configure fortigate with scenario like that use routing policy for dual internet connection
can i do that routing policy like fortigate in juniper srx 100 ?
anyone can help me ?
sorry for my bad english.
↧
Re: (Juniper SRX) Configure dual internet connection
↧
Re: (Juniper SRX) Configure dual internet connection
Hi,
Yes you can do this.
Put both the ISPs in different routing instance.
keep one in inet.o and the second one in another routing instance.
create firewall filter to route traffic
filter term 1 will have the source 31-254 ips and destination any and the action as then accept routing-instance instance 1.
filter term 2 will have action as then accept.
example:
set firewall filter routing term1 from source-address 31-254 ips
set firewall filter routing term 1 from destination-address 0.0.0.0
set firewall filter routing term 1 then accept
set firewall filter routing term 1 then routing-instance instance1
set firewall filter routing term 2 then accept
apply this firewall filter to the interface which is the ingress interface.
set interface ge-0/0/2.0 family inet filter input routing
Also you could go through this KB which talks about the scenario.
https://kb.juniper.net/InfoCenter/index?page=content&id=KB23300&actp=METADATA
regards,
Guru Prasad
↧
↧
Re: SRX240 Change the Broadband IP
You may try load-bancing (https://kb.juniper.net/KB23417)of traffic between these 2 links or do policy based routing (http://kb.juniper.net/KB23300) and send few subnet traffic via 1 link and others via second link.
↧
Re: Question abot logical-systems and address-book
↧
Re: SRX - MPLS as primary path / IPSEC VPN as secondary path
Just a thought, run BGP between MPLS and VPN end points . Import routes from MPLS with Priority 2 and Route from VPN with priority 3 .
↧