Re: Add DMZ on single IP
I'll ask about the validity of the config. How are you testing internet access from the DMZ when there is only a /32 address and it is assigned to the interface on the firewall?
View ArticleRe: Add DMZ on single IP
Thanks for your help.I've tested the configuration with a Playstation 4 console with static ip assigned connected directly to fe-0/0/2. (192.168.5.80)
View ArticleRe: BGP neighborship delay after flap
Hi, See below, I removed my AS and the first 2 Octets of the IP address.If you look at 8:59:54 (search for tmer BGP_MYASNUMBER.10.60.50.100_Connect <Touched> set to offset 32 at 9:00:26)You...
View ArticleRe: Transparent mode: Redundant connection between Juniper SRX340 and Cisco...
Bump... Is there really no one who has run into the same issue?
View ArticleRe: Transparent mode: Redundant connection between Juniper SRX340 and Cisco...
LACP is not supported and I expect static LAG to work, what exactly is the error/issue you are seeing. You may also check the secure wire fetaure -...
View ArticleRe: Add DMZ on single IP
I've updated the conf in the first post, need just a little last help, Thanks
View ArticleRe: Bug ? Sometime the dhcp IP is wrong for the client when I move a client...
Hi @joses. I downgraded to JUNOS 12.3X48-D25.3 but nothing same result !Client IP Address: 192.168.2.163 Hardware Address: XX:XX:XX:XX:XX:5e State: BOUND(LOCAL_SERVER_STATE_BOUND) Lease Expires:...
View Article10 minutes downtime while Primary node boots up after power off/power failure
We have a SRX1400 cluster running on JUNOS Software Release [12.3X48-D35.7]. I was running some Failover test cases. In one of the cases, when we power off primary node, the failover works fine but,...
View ArticleRe: SRX110 connectivity
Now I have this situation## Last changed: 2016-11-21 16:22:08 UTC version 12.1X44-D35.5; system { host-name Axel_firewall; root-authentication { encrypted-password "secret-password"; } name-server {...
View ArticleLog dropped packets to rsyslog
When doing: show security flow statistics we see the dropped pacekts.root@fw1.phl> show security flow statistics Current sessions: 351 Packets forwarded: 15168819 Packets dropped: 157887 Fragment...
View ArticleRe: Log dropped packets to rsyslog
You need to configure a deny + log rule as the last one + configure syslog host as described KB16509: https://kb.juniper.net/InfoCenter/index?page=content&id=KB16509
View ArticleVLAN for WiFi with DHCP
This is really basic, I am sure. Normally I would try to figure it out on my own but do not have the luxury of time.I have an SRX300 with no specified VLAN's, just the default:root@HSRX300# run show...
View ArticleRe: VLAN for WiFi with DHCP
Here a quick copy/paste of set commands for two irb-interfaces, one for internal and one for guest with dhcp server and put in two different security zones. Rest should be adjusted to your setup....
View ArticleRe: error: Could not connect to node1 : No route to host - after power failure
This is concerning me a bit:"When a node is powered down I get a lot of errors on the cisco switch about macs flapping between ports g0/19 and g0/25." If one of the nodes is powered down, then we can't...
View ArticleClik here to view.
Re: SRX routing with redundant connections
Let's clarify, web traffic = TCP = stateful. Without HA cluster this becomes, in my opinion, an exceedingly complicated setup. You need to configure something like VRRP so that both SRX devices can...
View ArticleRe: ipsec VPN is up, but not passing data
always use: > restart ipsec-key-management solves most issues, jsut note all tunlles on box will bounce lol i have found that ISP are really bad about blocking ESP traffic somtimes, the tunnles...
View ArticleNAT64 lan to wan
I'm trying to NAT64 my internal LAN IPv6 network to the Internet which only supports IPv4. Any ideas on where to start?
View ArticleRe: NAT64 lan to wan
Hello , Can you try to follow this : https://kb.juniper.net/InfoCenter/index?page=content&id=KB22391&actp=search
View ArticleRe: ipsec VPN is up, but not passing data
Hi.>>always use: >>> restart ipsec-key-managementIt first thing i've done + cleared SA's Seems to be it was ISP blocking esp traffic, thank you for your reply.
View ArticleRe: NAT64 lan to wan
HiGoogle should be your friend and you will find a lot of information there as a starterhttps://learningportal.juniper.net/juniper/user_activity_info.aspx?id=8996a learning byte on setup of NAT64 with...
View Article