Re: SRX policy applications
The application any means that any protocol and any port at all will be accepted and permit the connection without restrictions.
View ArticleRe: SRX- 650 || Policy Based VPN || Communication Issue
I got caught with something similar and it took me ages to find the answer.There is a "BUG" (they say feature) in JUNOS hat reqires the VPN and the interface through which the data flows to be in the...
View ArticleClik here to view.
ospf issues with metrics between areas
Good Afternoon I am seeing an issue where traffic is flowing between R4 and R5 even with it having a metric of 1000. Both of these networks are only bridge so that if R2 fails we still have a backup...
View ArticleRe: SRX- 650 || Policy Based VPN || Communication Issue
Hi Hisham As requested I've run the trace and attched the output. Hello Andrew Thanks for your inputs. Can you please elaborate what you have mentioned. My inside interface (configured as DMZ Zone) is...
View ArticleRe: InterVlan Problem
Yes, I did it. it seem that work fine however I have a problem with the swiths.. I have the last config picture and I can do ping from SW1 to 192.168.13.254, 192.168.1.91 (another VLAN, ,then I think...
View ArticleRe: InterVlan Problem
Hello, When you say that if connected to fe-0/0/6 with IP 192.168.13.5 OR if connected to fe-0/0/3 with IP 192.168.0.5 Are you connecting laptop to these ports with...
View ArticleRe: ospf issues with metrics between areas
OSPF standard says that intra-area prefixes are preferred over inter-area prefixes independent of the metrics/costs, so you cannot do anything about it. Route preference can be modified for internal...
View ArticleRe: VPN IPSec client for JUNOS 12.1X47-D30.4
Hello,On SRX series, the only supported IPSec RA client is Pulse Secure though You may get other clients working without XAUTH.As for Your exact release, in 12.1X47-D30 the Dynamic VPN (server side for...
View ArticleOrder of global and zone specific policy?
Hello Expert What is the order of global security policy and zone specific policy? Means first all zone based policies are evaluated and then all global policies will be evaluated?
View ArticleRe: Order of global and zone specific policy?
Hi aeroplane, Yes, that is the order first all zone specific polices are tested/checked and if the packet doesn't apply to any of the zone "contextes" then after that the global zone policy is applied...
View ArticleRe: Order of global and zone specific policy?
Here is a reference from Juniper on it with more details if you like : "For example, if a policy lookup is performed, regular security policies have priority over global policies. Therefore, in a...
View ArticleRe: Public IP addressed Server behind SRX
Assuming from your post, in order for this to work properly the address book entries need to be zone specific? I am currently trying to get this to work with global address book to no avail....
View ArticleJUNIPER please re-design J-Web, please
Anyone here seen the Juniper J-Web GUI for managing Juniper devices?It is so pre web 2.0 ish and is nothing close the the current web standard of designing new web management GUI for networking...
View ArticleClik here to view.
Dynamic Site to Site VPN - only 1 static IP
Hi,My first post on these forums We have two SRX 100s, we would like a site to site VPN established... ....Here's the catch.... One SRX can have a static address, the other must work dynamically....
View ArticleClik here to view.
Re: Dynamic Site to Site VPN - only 1 static IP
Hi AusEng, Welcome to the forum ! Here is a knowledge base from Juniper explaining the extra steps you have to take to create an IPSec VPN tunnel between two peers when one of them has a dynamic IP :...
View ArticleRe: FTPS not working from internet hosts
spent a day and looking and trying dozens of suggestions posted by other threads on this issue. this is the only solution that worked. Basically it's the only solution that suggested using Static NAT....
View Articlehow to read Total Capacity hardisk on srx3400
hai, i have one question, i want to khow capacity total from hardisk on srx3400, i used command "show system storage". but i can read total capacity from hardisk....
View ArticleClik here to view.
Re: Dynamic Site to Site VPN - only 1 static IP
Wow thanks for the quick response It gets a little more complicated though... We need the dynamic SRX to talk to the static SRX, and the static SRX will then initiate the VPN connection. I think the...
View ArticleJUNOS Default Application junos-ms-rpc-epm
? Hello I was converting ScreenOS config to SRX. I found one application/service MS-RPC-EPM in screen OS, having ports - tcp and udp ports 135. This service/application was not converted by SRX...
View Article