Re: Site-to-Site VPN with Inline Transparent Web Filter
Sounds about right. You don't really need a separate ospf area just for this, but that's obviously up to you.Keep in mind you may need to create more security zones on the SRX because it will complain...
View ArticleRe: Site-to-Site VPN with Inline Transparent Web Filter
Correct on the OSPF, I just do it that way (because I'm weird). I have a separe VPN security zone which I'll throw the port/vlan for "Internal VPN" into. That way it's easier to keep adding VPNs in the...
View ArticleRe: Using SNMP to monitor SPU; what are MIBS
Suraj, Thank you. Indeed the SRX100 CLI shows the SPU usage when I issue your command. Can you tell me why the following command, when run from another computer, shows may OIDs but does not show the...
View ArticleRe: RTPERF_CPU_THRESHOLD_EXCEEDED when 40 Mbps passed to st0.1
I did a test in the lab on two SRX100B with IPSEC proposal esp/hmac-sha-256-96/aes-256-cbc and I got Changing st0.0 MTU to 1400B indeed helps avoiding fragmentation. Path MTU discovery kicks in in ths...
View ArticleRe: Site-to-Site VPN with Inline Transparent Web Filter
Correct me if I'm wrong but it looks like you only thought of how to get traffic from remote site to the Internet via web filter. What about returning traffic? The only solution I see would be to NAT...
View ArticleRe: Site-to-Site VPN with Inline Transparent Web Filter
wdudys, I don't understand your concern. As far as return traffic is concern, the remote site is handled just like any other internal LAN subnet. And there's OSPF running.
View ArticleRe: Site-to-Site VPN with Inline Transparent Web Filter
My concern is that returning traffic will not be filtered by web filter. It thats not an issue then ok.
View ArticleRe: Upgrading from 12.1X44-D40 to 12.1X46-D60 fails
hey guys, as I said I cannot run the "--format" command. I get invalid url: loader> install --format tftp://192.168.1.100/junos-srxsme-12.1X44-D60.2-domestic.tgzinvalid URL Any idea why this won't...
View ArticleRe: Site-to-Site VPN with Inline Transparent Web Filter
Ok I gave some more thoughts into it. With proper routing it should work. Please ignore my previous comments.
View ArticleRe: Lots of tunnels ok but ONE route-based VPN tunnel to Cisco ASA passes...
I have no real access to that ASA as it is in another country and owned by someone else. But the below is the read-out of the command. Let me know if any more information might help. ASA-Company#...
View ArticleSRX550 Firewill Filter Deletion/Timeout Issue via jWeb
Hi,I am having issues trying to delete firewall filters via jweb. I click to delete them, and then click commit and they show up with & time and time again. Anyone know how to correct this...
View ArticleRe: Using SNMP to monitor SPU; what are MIBS
When you do a MIB walk you expect to get ~15000 OIDs and it will have the SPU CPU usage as ".1.3.6.1.4.1.2636.3.39.1.12.1.1.1.4" or "jnxJsSPUMonitoringCPUUsage". You may have to wait till the SNMP MIB...
View ArticleRe: SRX550 Firewill Filter Deletion/Timeout Issue via jWeb
do you get any error/warning while commit? Also can you verify the configuration from CLI after you delete?
View ArticleRe: SRX Chassis Cluster connects to Nexus 6k via VPC - Issues
Hi All, Just let you know the issue has been resolved. Now all 4 ports are shown up and all ping successfull. The reason was due to the incorrect cabling ...
View Articleintegration juniper with cisco
Hello,My problem is, I have srx-320 with 2 vlan connected to a swicth cisco sg300 by a trunk port allowing all vlan and I have 2 dhcp pool, all windows devices and sip phone take dhcp ok but apple...
View ArticleSRX240H Slow throughput but can not see why
Dear All I have a pair of SRX240H's in an Active/Active cluster. We are working on a project where there will be about 350 vitual servers accessing resources across the global but using these SRX's as...
View ArticleRe: SRX550 Firewill Filter Deletion/Timeout Issue via jWeb
It is still showing up in the cli, and I am not getting an error when trying to commit. Below is the cli for one of the filters that won't delete. Let me know if you need me to post the second one....
View ArticleDynamic VPN - Users Change Own Password
I'm looking for a way to allow users to change their own VPN (dynamic VPN) password on a Juniper SRX650 running 12.1X47-D35. My problem is if I log in via cli and type out the command "set access...
View ArticleRe: SRX550 Firewill Filter Deletion/Timeout Issue via jWeb
I suspect you cannot delete them because they are in use in another portion of the configuration. Usually they would be applied to interfaces. So in order to remove the filter you also need to remove...
View Article