Is is have traffic impact?
Hi all, may i know if i add command "set security nat source address-persistent" in the life traffic nat is it will impact the current traffic? One more thing what actually purpose of nat source...
View ArticleQuestion - Configuring two DHCP server
Hello all, I've been using a DHCP server for long time, and configuration is in place and working (This is an SRX in Chassis cluster). Now I want to use a new DHCP server but only for 2 interfaces as a...
View ArticleAccess Internal IP of firewall over VPN - SRX 340
I am currently setting up an SRX340 in chassis cluster mode, however when VPN'ing in I cannot seem to access the internal IP of the SRX firewall to manage this device. I have tried setting up various...
View ArticleRe: Is is have traffic impact?
may i know if i add command "set security nat source address-persistent" in the life traffic nat is it will impact the current traffic? The documentation does not say this interupts sessions and since...
View ArticleRe: Access Internal IP of firewall over VPN - SRX 340
It looks like your Dyn VPN is setup with a protected resources address is 10.0.0.0/8 while your SRX fxp0 address is in the 192.168.54.0/24 range. When connected you only have access to the protected...
View ArticleRe: Access Internal IP of firewall over VPN - SRX 340
Thanks for the reply, in this particular case I am looking to access either the 10.10.10.1 or 10.10.100.1 router IP on these vlans. The FXP connection will not be available when this is finally set up....
View ArticleVPN Route issue with traffic selector
Hello All,I got srx240 (Version : 12.3X48-D40.5) in cluster mode. I got 2 ISP links terminated on each node( active/backup) . IPsec VPN tunnel configured on each ISP for remote access. Totally I have...
View ArticleRe: Question - Configuring two DHCP server
If you just want to change the active server for CORPORATE_V1001_DHCP_RELAY and VOICE_V1103_DHCP_RELAY, then you need to specify the active-server under the group only as you already configured. set...
View ArticleClik here to view.
Re: cisco asa to juniper srx vpn site to site not working !!!!
dear eng.spuluka I did what you say but still I can not commit .
View ArticleRe: cisco asa to juniper srx vpn site to site not working !!!!
It would be good to be sure you are reaeding all the suggestions. If you go back through the comments, you will see that your configuration as it is will NOT work. Just look at these and check if any...
View ArticleRe: Is is have traffic impact?
The documentation does not say this interupts sessions and since the feature just adds a timer AFTER the session closes to keep the association of NAT the same, I would assume there is no affect. I...
View ArticleRe: Is is have traffic impact?
As noted in the KB above, persistent NAT is a timer that keeps the previous NAT association handy and will reuse it for the similar request that occurs in that time period. With the “persistent-nat”...
View ArticleRe: Access Internal IP of firewall over VPN - SRX 340
Ok, then the basic configuration looks good. Walk through the steps listed here and post the contents of the trace file. If the issue is not obvious....
View ArticleRe: Is is have traffic impact?
I guess here we are talking about 2 things "address-persistent" and "persistent-nat”The initial post from kronicklez1<> is talking about "if i add command "set security nat source...
View ArticleRe: Is is have traffic impact?
I guess here we are talking about 2 things "address-persistent" and "persistent-nat”The initial post from kronicklez1<> is talking about "if i add command "set security nat source...
View ArticleRe: Is is have traffic impact?
Hi Suraj,So the conclusion it's not impact the current session Nat right? It just impact the new session Nat.
View ArticleRe: Is is have traffic impact?
Hi spuluka,Yes...the ipsec across srx...do I still need to enable alg for index? Or just enough enable source Nat address persistent?Thanks and appreciate some advise
View Article