Re: SRX100 VPN problem
I see a lot of changes. You need to keep the vpn pool assignment different from the controls network. Do this for me and at the top of the hierarchy, run this command.#show security | display set |...
View ArticleRe: SRX100 VPN problem
Here is the ethernet Ethernet adapter Local Area Connection:Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::b045:e649:ce09:99c0%51 IPv4 Address. . . . . . . . . . . :...
View ArticleRe: SRX100 VPN problem
I think there is problem with the pulse client. The Ethernet adapterJuniper Network Agent Virtual Adapter is not present. Weird. You may have to create a case with Juniper. Try and reinstall the pulse...
View ArticleRe: SRX100 VPN problem
Here is a question were would I download another Pulse client Ok here is the file. root@Gtown-VPN02> file show new-sec-configset security ike policy ike_policy_startup_rvpn mode aggressiveset...
View ArticleRe: SRX100 VPN problem
Here is the info on Junos Pulse Junos Pulse 5.0.3.44983Junos Pulse 802.1X Connection Method 5.0.3.44983Junos Pulse Connection Manager 5.0.3.44983Junos Pulse Connection Store Service 5.0.3.44983Junos...
View ArticleRe: Bug ? Sometime the dhcp IP is wrong for the client when I move a client...
@mircho unfortunatelly even this didn't work Client IP Address: 192.168.2.104 Hardware Address: XX:XX:XX:XX:XX:5e State: BOUND(LOCAL_SERVER_STATE_BOUND) Lease Expires: 2016-12-01 01:25:06 GMT Lease...
View ArticleRe: DHCP Relay and PXE Boot
"forwarding-options helpers bootp " is old DHCPD config and "forwarding-options dhcp-relay server-group" is the new JDHCPD config. You cannot have both running simulataneously . Either DHCP config or...
View ArticleRe: SRX100 VPN problem
deactivate security flow traceoptionsthen view the log file for why the vpn traffic is not working. This time I really suspect it is routing from the protected network. But we should get information...
View ArticleRe: DHCP Relay and PXE Boot
Hi Rsuraj, Thanks for replying, i have no problem with DHCP that is working fine. My issue is telling machines to access the PXE server, i know that you can use DHCP options to achieve this but i would...
View ArticleBGP Nat Problem
Hi.I have a problem .NAT Does not work properly ,i'm trying to set up EBGP in virtual router and use it for internet connections via my PI-Address ,but when i'm tryng to reach internet using NAT i...
View ArticleRe: BGP Nat Problem
Hello,Looks like Your return packets are not making it back to Your SRX. I see You are trying to advertise 1.1.1.0/24 out: set policy-options policy-statement EBGP-output term out-networks from...
View ArticleRT_ALT_WRN_CFG_NEED: MSRPC ALG detected packet; needs extra policy
Hello, I use an SRX100 firewall with zones and policies to isolate several subnets. I do not know what ALG is. All of my policies are "application any". Why am I getting the error listed below? How...
View ArticleLAN to VPN
Hi, I have some external workers on site who connect to their own companies VPN Our SRX doesn't let them connect by default. I read that i need to disable port translation I see traffic hitting the...
View ArticleRe: DHCP Relay and PXE Boot
I got this working by setting the pxe server's ip in the DHCP scope options. Still not sure why it won't work without that?
View ArticleRe: Policy Based VPN - SRX210H to ASA5550
Hello Again And once again thank you for your response: The article that you referenced did prompt me to make changes, but not to my configuration to that of and exist WORKING vpn on the same box. My...
View ArticleNeed help! VPN tunnel is up but st0.0 interface is up/down
Phase 1 & 2 is good, can see active tunnels.VPN was working before, then all of a sudden stopped working. Bounced interface on both end made the tunnel came back up. But severs behind the firewall...
View ArticleRe: IPsec working only "one way"
If anyone is experiencing the same: delete security ipsec policy ipsec-policy-external perfect-forward-secrecyI had perfect-forward-secrecy keys group5 active - however pfsense and juniper seem to...
View ArticleRe: RT_ALT_WRN_CFG_NEED: MSRPC ALG detected packet; needs extra policy
ALG stands for application layer gateway and is an automatic function that will allow related traffic on ususally high ports that is related to the main traffic permitted by the policy. This describes...
View ArticleRe: Need help! VPN tunnel is up but st0.0 interface is up/down
Try " restart ipsec-key-management " , if that dont fix please share below output along with your config. > show log kmd
View Article