SSL Forward Proxy
Given google chromes requirement to present sha256 or more secure certificates to ensure browser security, is there a way to specify the digest of the client side certificate presented by the srx...
View ArticleRe: SRX1500 SSL Proxy Signing hash
Have you found any resolution to this? From my understanding the SRX should be inheriting the hash algorithm from its own certificate but this does not seem to be happening as im having the same...
View ArticleUnable to browse website after deploying Juniper SRX220H as Transparent Mode
Dear all, I setup an Juniper SRX Firewall and acted as a transparent mode firewall for IDP purposes. I place it between the Internet Router and Fortinet Fortigate Firewall. We are able to ping the...
View ArticleClik here to view.
Connect PFSense to JuniperSRX
Hi, I am having issue connecting PFSense Server to Juniper. Here is my current setup: Modem is directly connected to Juniper and it works fine, however I want the Traffic shaping and squid so that I...
View Article[SRX Cluster] NTP synchronization
Hi All, Just asking how ntpd working in SRX with chassis clustering mode. As now seeing one node0(chassis) as using LOCAL CLOCK and another node1(chassis) is gettin NTP CLOCK It is node0 fetching data...
View ArticleRe: Update Junos version in SRX cluster
Hi, Please check the md5 of the image on node 0 to make sure the source image itself is not corrupted.Try using :->file copy /var/tmp/junos-srxsme-12.3X48-D30.7-domestic.tgz...
View ArticleRe: SRX300 series VLAN interface
This worked but CPU utilization is ~ 71% now, is this sending all switch traffic to the routing engine and thus using CPU time for all switch traffic? Similar config on a SRX100 seeing 5-10%...
View ArticleRe: SRX300 series VLAN interface
if you enabled l2-learning global-mode switching, inter-vlan traffic is handled by the switching chip. Only traffic destined outside the vlan will be send to the CPU. Where do you see the CPU load of...
View ArticleRe: Connect PFSense to JuniperSRX
It there any specif reason why you do not want the SRX to be your firewall? Seems to be waste of money and resource othervise?
View ArticleRe: SRX300 series VLAN interface
Bit lower now but still quite high tima@tima-testlab-srx# run show chassis routing-engineRouting Engine status: Temperature 48 degrees C / 118 degrees F CPU temperature 62 degrees C / 143 degrees F...
View ArticleRe: QOS question - phsyical port speed override?
Still cannot get this working, A week from deployment surly im not hte only that has come across this ? anybody have any other Ideas. The T1 circuit are fine they show as 1.544 I cant really change the...
View ArticleRe: Update Junos version in SRX cluster
Hi, Thanks for ur reply I tried, but.. L> file copy /var/tmp/junos-srxsme-12.1X47-D10.4-domestic.tgz node1:/var/tmp/ ssh: Could not resolve hostname node1: hostname nor servname provided, or not...
View ArticleRe: SRX300 series VLAN interface
Are your units hot to touch? Mine are really warm, almost too much I think, hopefully once software fixes the bug and the units run properly it will cool down.
View ArticleSRX1500: IRB interfaces and Ping issues between directly connected interfaces.
Hi , I have 2 SRX1500 configured in l2-learning to mode "switching" I created 3 vlans and set l3-interfaces irb SRX1:set interfaces ge-0/0/4 unit 0 family ethernet-switching vlan members VLAN12set...
View ArticleRe: SRX1500: IRB interfaces and Ping issues between directly connected...
On the zones themselves, are you allowing hostinbound traffic ping? are the SRX's directly connected? or are they connected via switch?
View ArticleRe: SRX1500: IRB interfaces and Ping issues between directly connected...
hi , SRXs are directly connected ( no switch in between them ) and in zones i have < below output > on both SRXs set security zones security-zone TEST host-inbound-traffic system-services allset...
View ArticleIntegrated User Firewall Issues
Hey team , I am trying to Integrated user firewall with AD , II can see that srx is connected to ADcontroller and I can see the table as well . However , the user can not browse and when I looked...
View ArticleRe: [partition] option in [request system software add] command
This behavior was assigned to PR1192353.I confirmed that this issue is improved in 15.1X49-D60 @SRX300. More information is below: ## Resolved Issues (from 15.1X49-D60 release...
View ArticleRe: Unable to browse website after deploying Juniper SRX220H as Transparent Mode
If that's the case, may I know how can I disable the SSL decryption in the Juniper SRX firewall? As we plan to apply the SSL decryption on the Fortinet Firewall. By having only one end with the SSL...
View ArticleRe: Can SRX notify to administrator in the wake of the match with the...
[ Example ] policy p2-raise-trap-4-secpol { events [ RT_FLOW_SESSION_CREATE RT_FLOW_SESSION_CLOSE RT_FLOW_SESSION_DENY ]; then { raise-trap; } for permit action >>...
View Article