Re: SRX110 connectivity
You can use any ethernet port as your "wan" port on the SRX110. If you just need this to be DHCP client then add this configurtion to the port. set interfaces fe-0/0/0 unit 0 family inet dhcp...
View ArticleRe: Failover not forwarding Traffic to Cisco 3750 from Juniper SRX 650- LACP...
I am still not sure I understand the need for the 2 subnets thenWhy not just use 192.168.50.0/24 your switch will have 2 LACP groups, group 1 goes 2 interfaces on SRX1, this is put in RETH1 group 2...
View ArticleRe: Failover not forwarding Traffic to Cisco 3750 from Juniper SRX 650- LACP...
Hi, @whiteac22 thank you for your suggestion. I have only limited access to firewall , but I checked firewall config and there s no routing entry to 192.168.51.0 thanks for your findings. So I hope in...
View ArticleRe: Failover not forwarding Traffic to Cisco 3750 from Juniper SRX 650- LACP...
Hi, I dont think you are understanding RETH interfaces properly, which is why you are struggling with this. a Reth interface is a redundant ethernet interface. Each SRX will have 1(or more)...
View ArticleRe: SRX110 connectivity
This is a good news, thanks.I need to set on the wan a pubblic address (I have a x.x.x.x/248 subnet) then translate it on a 192.168.x.x LAN where is connected a videoconfernce system.
View ArticleRe: Failover not forwarding Traffic to Cisco 3750 from Juniper SRX 650- LACP...
Thanks for your reply. Here am attaching the Firewall configuration related to this part ; set interfaces ge-15/0/1 enableset interfaces ge-15/0/1 gigether-options redundant-parent reth1set interfaces...
View ArticleRe: Cannot access Internet on DMZ interface SRX240
Hi, i'm trying to add a dmz zone on lan port 2 on local ip 192.168.5.180. Here it is my test: ## Last changed: 2016-11-11 06:13:45 CET version 12.1X46-D55.3; system { host-name JuniperSRX210;...
View ArticleRe: design solution
For full redundancy you could setup LACP from each stack to each of the SRX'sso stack has 2 ports to SRX A in LACPstack has 2 ports to SRX B in second LACP
View ArticleRe: srx5400 HA cluster and dual SPC
Hi, The link I provided was so that you can see the following statement as a note :- Dual control links are not supported on an SRX5400 device due to the limited number of slots. SRX 5400 does not...
View ArticleRe: SRX110 connectivity
I've follow these guide, but I've again problem; on fe-0/0/1 (lan) dhcp don't assign address; on fe-0/0/0 I can resolve all internet address from CLI shell, but a pc connected can't navigate.
View ArticleRe: SRX110 connectivity
You will need to configure DHCP server for your Trust side network or confirm the configuration if it is on there....
View ArticleRe: Failover not forwarding Traffic to Cisco 3750 from Juniper SRX 650- LACP...
Friends, Any comment on above Configuration?
View ArticleRe: SRX 650 with dual ISP
hello spuluka, thank you very much for sharing the link and is very infomative but i want to configure BGP with ISP. kindly advise regards,Fahad
View ArticleFortigate 800C - SRX 240 ike problem
Hi, I'm trying to configure vpn between Fortigate 800C and SRX 240 in test environment (the same subnet for WAN interfaces). I have a problem with ike: Juniper: show security ike security-associations...
View ArticleRe: Failover not forwarding Traffic to Cisco 3750 from Juniper SRX 650- LACP...
That configuration looks like you are putting two interfaces from the primary firewall into a redundant ethernet group. what about the interfaces for the second? so Reth1 needs to have an interface on...
View ArticleLimited download but no affect streaming with firewall policer
Regarding to the firewall filters and policer on SRX. I would like to ask about what is the proper configuration if inside of a subnet with 192.168.200.0/24 is limited to download only for 128k but it...
View ArticleRe: Fortigate 800C - SRX 240 ike problem
P.S.It is route based VPN on both sides. I have 2 another Fortigates connected the to 800c. I also had other srxes connected to Srx240.
View ArticleRe: Limited download but no affect streaming with firewall policer
Hi, term LIMIT-DOWN { then policer RATE-LIMIT; } term ACCEPT_ALL { then accept; }The term LIMIT-DOWN has no matching condition, thus all traffic would go through this term and be subject to...
View ArticleRe: SRX 650 with dual ISP
I assume you will be using BGP to advertise out your own subnet. For the policy based routing by subnet you do need to use FBF for the outbound routing....
View ArticleRe: Fortigate 800C - SRX 240 ike problem
iked_pm_ike_spd_select_ike_sa failed. rc 1, error_code: No proposal chosenThis message does mean that the IKE crypto packages do not match. You should create an explict package under the security...
View Article