Quantcast
Channel: All SRX Services Gateway posts
Browsing all 17645 articles
Browse latest View live

wtmp not being generated

I noticed on SRX1500 and SRX5400 that /var/log/wtmp isn't being created thus show log user gives-------------------------------------------------------------------------- last: /var/log/wtmp: No such...

View Article


SRX VPN licenses

HelloI'm thinking of getting a SRX240 or 300 for my lab for JNCIA preparation as well as for replacing my pfSense gateway box.Not sure though how the VPN licensing is with those SRX you find on ebay.Is...

View Article


Re: SRX VPN licenses

HI davorin, there is no license limitations on site-to-site VPN connections. The license limitation is regarding VPN clients (dynamic vpn). You get 2 concurrent connections included in the base system...

View Article

Re: From trust to trust zone for two internal network

You will need to confirm that you have a  nat rule and policy in place. source nat and security policy from zone trust to untrust needs to cover the new subnet 192.168.30.0/24

View Article

Re: architecture/config question

I assume the log is from the originating site.  This seems to confirm that your security policy is working. Is there a log on the security policy at the hub site that shows the traffic has arrived?If...

View Article


Re: SRX VPN licenses

Ah that is great to know :-) Which would be a better box to use as I see both the SRX240 and SRX300 close in pricing on ebay...though I like the fact theSRX300 comes with 2 SFP slots... Think the...

View Article

Re: SRX VPN licenses

The SRX240 platform has been announced end of life so no new features will show up. Buying a SFP-module for the SRX240 will be very pricy as well so I would recommend looking at the SRX300 - and as a...

View Article

Re: architecture/config question

thank you for the reply - it turns out the solution here was more simpler than I had anticipated.  It was just a matter of recognizing that the rule on that central fw had to be inbound/outbound on the...

View Article


destination net unreachable with virtual-instances

Hello Juniper Experts, I hope you can help me out.I have the following issue :When i am using routing-instances for multiple isp connections the routing will fail when i create a very simple config...

View Article


Re: destination net unreachable with virtual-instances

Hi, It appears that 192.168.10.0/24 network is in default inet.0 and there is no route to the destination in inet.0 You may need to use filter based forwarding on the ingress interface fe-0/0/5 to...

View Article

Re: From trust to trust zone for two internal network

Thanks everyone. All my problem had been resolved. I did not put the Proxy arp for the public ip address to ge-0/0/2. P. Wong

View Article

Re: destination net unreachable with virtual-instances

Hi AshvinO, I am using instance-type virtual-routerIn the example you showed me they are using insance-type forwardingI don't know if that is a problem but when i looking at the following article they...

View Article

Re: destination net unreachable with virtual-instances

Hi,  Could you check if the default route is active in inet.0.Also could you check if the interface-routes are imported into inet.0, i.e if routes for the next-hops [1.1.1.6 & 2.2.2.6]are...

View Article


Re: destination net unreachable with virtual-instances

Hi Ashvin, No routes present when i enter those commands.  root@srx100> show route table inet.0 0.0.0.0 root@srx100> show route table inet.0 1.1.1.6 root@srx100> show route table inet.0...

View Article

Re: destination net unreachable with virtual-instances

when i add the following line set routing-options static route 0.0.0.0/0 next-table isp1.inet.0the 0.0.0.0/0 route is now as expected in the inet.0 routing table but will always go outside though...

View Article


Re: destination net unreachable with virtual-instances

Hi, You could import interface-routes in inet.0 using rib-groups:set routing-instances isp1 routing-options interface-routes rib-group inet ispassuming next-table is being used in the RIs to direct...

View Article

Image may be NSFW.
Clik here to view.

Re: destination net unreachable with virtual-instances

d*mn i'm pulling out my hairs here. i'm not really unfamiliar with routers/firewalls in general but i just don't get this.I don't get the point of rib-groups.what is a rib group doing. In my opinion it...

View Article


Re: destination net unreachable with virtual-instances

Hi, Do you see interface routes in inet.0 now?show route table inet.0 protocol directThe static default route config should still be present:set routing-options static route 0.0.0.0/0 next-hop...

View Article

Re: destination net unreachable with virtual-instances

This is what i see root@srx100# run show route table inet.0 inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 1.1.1.0/29 *[Direct/0] 00:27:52...

View Article

Re: destination net unreachable with virtual-instances

Hi,If static default route is configured in inet.0, then traffic to internet should be ok.set routing-options static route 0.0.0.0/0 next-hop 1.1.1.6Am not sure what you meant by "still not the routes...

View Article
Browsing all 17645 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>