Re: Policy based vpn up but no traffic
So this is the scenario:local host - local VPN gateway - ge-0/0/0.0 -------------- interface X - remote VPN gateway - remote hostlocalhost IP = 192.168.1.190remote IP = 192.168.75.5As I explained in my...
View ArticleRe: Policy based vpn up but no traffic
Sorry Pantunes, but you are incorrect. Policy based VPN do NOT require a route to the remote LAN subnet. This is only needed for a route based vpn. See the Policy based VPN configuration sample set...
View ArticleRe: SRX100 and BT infinity problem
Installed Wireshark and capturing the traffic. Don't know much about it so it might take a while to get through the log and understand something from it but will give it a try.
View ArticleRate-limiting not working
Hi, I am trying to limit both upload and download speeds for a specific host to 1Mbps. This is my configuration for rate-limiting using a firewall filter: firewall { family inet { filter output-limit...
View ArticleRe: Rate-limiting not working
Hi Firewall filter drops all traffic not explicitly allowed, this is what happens in your case. You might want to add a "then accept" term at the end. More details here:...
View ArticleRe: Rate-limiting not working
I do have a "then accept" at the end of my term. I'm using the exact configuration shown in the juniper kb (https://kb.juniper.net/InfoCenter/index?page=content&id=KB28161) with the addition of...
View ArticleRe: Rate-limiting not working
You should have something like this family inet { filter output-limit { term 0 { from { source-address { 192.168.1.66/32; } } then { policer policer-1mb; accept; } } term else { then accept; } }...
View ArticleRe: SRX100 VPN problem
The VPN is working but I still can not ping any interface. The config is attached
View ArticleRe: Rate-limiting not working
Dont know your situation, however using App Qos rate limiters would work perfectly in your situation. Check it...
View ArticleRe: SRX100 VPN problem
when you connect via vpn, what IP address do you get?>show rout 192.168.178.0/24, where is the next hop interface? do you have a route to that network?
View ArticleRe: Policy based vpn up but no traffic
Is "policy vpn-trust-1" the only security policy in "from-zone trust to-zone untrust"? If no place it at the top(use the insert command)Is "policy vpn-untrust-1" the only security policy in "from-zone...
View ArticleClik here to view.
Re: SRX100 VPN problem
Sorry I missed that fact that originally the pool was not in the same subnet as your interface i.e. 192.168.0/24. I see that now it is however you are still missing the proxy arp statements. set...
View ArticleRe: SRX100 and BT infinity problem
As far as I understood, from the SRX:- you can ping the server : ping 192.168.1.225- you cannot telnet to the server: telnet 192.168.1.225 port 1723 Is the service really running on port 1723 on the...
View ArticleRe: Policy based vpn up but no traffic
Hi spuluka, Your link shows that such a route IS required. In your the example given this would be the route below which is mateched when you need to send traffic over the VPN:set routing-options...
View ArticleNo more variables left in this MIB View (It is past the end of the MIB tree)
Hi, We use 2 Juniper SRX220 firewalls.One is active and one is passive.I want to use SNMP V3.The next configuration is entered.Gate@gate-0# edit snmp v3{primary:node0}[edit snmp v3]Gate@gate-0# showusm...
View ArticleRe: Policy based vpn up but no traffic
Pantunes, That is a standard default route out of the device to the internet and not related at all to the VPN configuration. If that route were missing the VPN tunnel would not be up at all as the...
View ArticleRe: Policy based vpn up but no traffic
Hi spuluka, Yes this route is also used to reach the internet, it will certainly be used to reach the remote VPN gateway. But it is also used when the local gateway receives the first packet of a flow...
View Article