Re: Policy based vpn up but no traffic
Hi all, after further testing with personell on the peer side, we finally solved it. We tested differenet proposals and policy-object and finally another server on the peer-side. Finally traffic flew...
View ArticleRe: PPTP behind SRX
Hi Spuluka, Thanks for taking the time to reply. So i need to do the following: For example sake i have made up these up for our devices External interface of SRX 1.1.1.1/29Secondary interface of SRX...
View ArticleNo Cluster functionality after Upgrade SRX240
No Cluster functionality after UpgradeHello,after upgrade (In-Service Software Upgrade ) our Juniper Cluster (Two SRX240) from version 12.1X46-D40 to 12.1X55-D40 our cluster no longer works. No...
View ArticleRe: No Cluster functionality after Upgrade SRX240
Please run following commands on SRX from operational mode (SRX>) and reboot them. request chassis cluster in-service-upgrade abort request system software abort in-service-upgrade
View ArticleRe: PPTP behind SRX
Actually i dont need to configure a secondary ip, as thats the point on the proxy arp right?
View ArticleRe: No Cluster functionality after Upgrade SRX240
This should help:http://www.jnpr.net/techpubs/en_US/junos12.1x46/topics/task/operational/chassis-cluster-issu-failure-troubleshooting.html
View ArticleRe: PPTP behind SRX
Correct, proxy-arp means you do not need the address on the interface and in your example you can't put the address on the interface because you are sending all ports. This is the more typical examples...
View ArticleRe: No Cluster functionality after Upgrade SRX240
Thanks!!!!!!!!!!!!! root@FW> request system software abort in-service-upgrade In-Service-Upgrade aborted Remote node (node 0) is not reachable. If the remote node fails to join the HA cluster, then...
View ArticleClik here to view.
Re: PPTP behind SRX
Just one more thing. The main reason that we use this is that we have certain websites and applications that you can only access via our external ip, so the users who work from home dial in then go out...
View ArticleJuniper SRX "New Sessions/Second" - Limits
Quick Question: Why is the number of session setup rate low? Low compared to Huawei Eudemon Specifically?Is this a Junos Software limitation? Or Hardware Limitation?While I get 150K on Juniper, Huawei...
View ArticleHow to access Web server behind SRX
Hello folks, I have hosted one web server front ended with SRX firewall and SRX firewall untrust interface has public IP address reachable through internet. Now, how to access from internet the web...
View ArticleRe: How to access Web server behind SRX
I hope this will be the right documenthttps://www.juniper.net/documentation/en_US/junos12.1x46/topics/example/nat-security-destination-single-address-translation-configuring.html
View ArticleRe: How to access Web server behind SRX
Thanks Suraj for your response, this was truely helpful. I have just one query..the concept considers incoming traffic from internet to be of Public IP 1.1.1.200/32 .I intend to keep this generic for...
View Articlej-flow Version 8 Documentation?
Hi Trying to configure j-flow Version 8. I cant really find any documentation for this other than:...
View ArticleRe: Juniper SRX "New Sessions/Second" - Limits
Which model of SRX? If it is an SRX110, then it is limited to 1,800 sessions per second. Larger devices will do more though.
View ArticleRe: How to access Web server behind SRX
The example is using 1.1.1.200 as the destination address. Replace this IP with the public IP address you would like to use to access the web server. The proxy arp is used for the device to respond...
View ArticleRe: Public subnet behind SRX
HiI had the same issues with one of my customers.If you have a small business firewall SRX### and not SRX####you can do layer 2 and layer 3the srx behaves like an ethernet switch with a vlan interface...
View ArticleRe: Juniper SRX "New Sessions/Second" - Limits
Hi, You are talking based on datasheet infos or based on real tests ? B
View ArticleRe: Interface Zero in Jflow
can you try applying the j-flow filter in the output direction also and check?
View ArticleRe: QOS question - phsyical port speed override?
I would recommend you opening a JTAC case for further investigation.
View Article