Clik here to view.
Clik here to view.
Re: SRX 3K SYN proxy problem
Hello,Thanks for posting the config.SPDNet wrote: A few minutes ago we got a 50K pps spoof syn attack 185.118.142.254 620.41 kbps1638 pps16.98 mbps52975 pps And the device reached the maximum...
View ArticleRe: SRX 3K SYN proxy problem
But i do not want A syn cookie protectionI want an syn proxy for each first syn connection which does not have fast path at least
View ArticleRe: SRX 3K SYN proxy problem
We tryed an spoof syn attack with an easy script check results :root> show security flow session destination-port 81 Flow Sessions on FPC7 PIC0: Session ID: 140163192, Policy name:...
View ArticleSRX COMMIT FAIL-nterface must be configured under interface
Hi techies, I am testing SRX and I am getting error while commiting changes. No interface is moving into security zones. Error is Interface ge-0/0/2.0 must be configured under interfaceserror:...
View ArticleRe: SRX COMMIT FAIL-nterface must be configured under interface
Look into show interfaces and see if a ge-0/0/2 unit 0 is configured there !It should have eíther family ether-switching or inet or inet6 configured regards alexander
View ArticleCaptive portal radius accounting
Good Afternoon We have a customer that will have wired and wireless devices. We require to keep trake of data usage per user. Does the Captive portal when using radius auth pass on accounting data?...
View ArticleSRX cluster, dual ISP's in use all times
Hello everyone, I'm trying to configure a setup, where I have a clustered configuration of 2 SRX 220's, while utilizing dual ISP scenario, where I'm only concerned about failing over if one of the...
View ArticleRe: Boot halts at Time and ticks drifted too much
Hi! Thank you for your answer. I am using NTP to set my time, tried running: > set ntp date [server] to make suer it was working. Did find I was also using a boot-server parameter. I guess network...
View ArticleRe: SRX cluster, dual ISP's in use all times
After thinking about this out loud this morning, I guess I do really want to have the cluster fail over if a state change were to happen on any physical interface related to my ISP's (cable pulled or...
View ArticleSimple 1 sentence question
Should SRX 3600 work as syn proxy / chek syn cookie on bridge mode ? i mean with bridge mode : there are 2 MX router and there is an SRX 3K between of them i am routing traffic to SRX and re route to...
View ArticleNeed advice
I need a topology advice. We have an mx80 Router which has 4 port of 10Gbps 1 of them for upper stream other 3 is empty. we have an 10G UDP firewall which need to only face with udp traffic if tcp...
View ArticlevSRX not picking up an IP address
Hi all I just downloaded vSRX and booted it up with my vmware workstation. But none of the interfaces are picking up any dhcp address. I set ge-0/0/0.0 to dhcp but during run mode I don't see an IP....
View ArticleRe: External Users Can't Reach Public Addressed Devices in DMZ from Untrusted...
Update: Was finally able to take a look at this again and removed the static NAT and set a source NAT for the Public-DMZ. This allowed me to test to ensure it wasn't an issue with how static NAT was...
View ArticleRe: External Users Can't Reach Public Addressed Devices in DMZ from Untrusted...
Does not it look like a routing issue? Because when you changed the soure then it starts working... Does the device in DMZ have the route to the external IP that is comming in? -IE
View ArticleRe: vSRX not picking up an IP address
the switch you to which you have connected your vSRX is in promiscous mode? -IE
View ArticleRe: vSRX not picking up an IP address
hey it now works. I redid the VM and made sure the interface is on NAT and suddenly I have IP.
View ArticleRe: External Users Can't Reach Public Addressed Devices in DMZ from Untrusted...
The devices that are in the DMZ have their NIC assigned with IP that is set for static NAT with the subnet mask and gw defined for that DMZ. Does this answer your question?
View ArticlevSRX cluster setup root password complexity question
Hi all I am trying to setup a vSRX cluster, via the the web gui. For the secondary unit it asks for the new root password to be set. When I tried my default password that I use for any of my lab setup...
View ArticleRe: Extension of IDP/UTM trial licenses
Hi, It did not help me. I upgraded the JunOS already. Is there any other way to extend the trial license? I have used 30 days trial license on my srx 240 H. Thanks,Yasir
View Article