Re: SRX COMMIT FAIL-nterface must be configured under interface
You getting this error because your interface is called in security zone but in reality it doesn't have any configuration. Try to assign IP address to interface and commit again. Thanks,MYN
View ArticleRe: [request feature] dual control / fab on branch srx
Dual fabric links are supported on branch SRX but not control links as of now. You can visit this link for more details:...
View ArticleApple iPhone/iPad VPN to Juniper SRX - now possible!
Hi,For a long time, I was trying to find solution to establish VPN connection between Apple iPhone/iPad devices and Juniper SRX devices, but without success. Now, with latest Apple iOS improvements,...
View ArticleRe: Simple migraiton SRX240 to SRX240H2
Hi MYN, I'm not sure how it does it exactly ( decrypt it or not ) though I doubt it decrypts it. What I am sure of, is if you copy a configuration then you don't have to re-enter the shared secret...
View ArticleRe: Firewall filter is not working as expected or I am missing something
Your firewall filter looks good. The reason why your traffic is passing, it might be passing through another interface. Check the security flow session, are the sessions tied to right interface?
View ArticleCreate Geo location based policy to block access from specific countries
We have two offices and secured one with Juniper SRX 220 H& other with SRX240 H2 Both office have FTP, WEB & DB servers & everyday lot of hits from some countries(China, Korea...etc) and...
View ArticleRe: Create Geo location based policy to block access from specific countries
Hello,Get a free GeoIP database http://dev.maxmind.com/geoip/geoip2/geolite2/ and start building a prefix-list/address-book entry.But I'd reckon it is going to be very long unless You'll find a way to...
View ArticleBandwidth Usage Monitoring
I would like to know if there's a way to monitor bandwith usage on a SRX. For example, I want to check how much bandwidth has moved through the srx for like this month. Is there way to accomplish...
View ArticleRe: Bandwidth Usage Monitoring
Hello, if you enable SNMP then you can get the per-interface stats. You may use MRTG or Cacti to get the output in some decent graphical form.
View ArticleMultiple logical interfaces per one physical
Hello, SRX 220 here. I'd like to define 2 logical interfaces (each with dedicated IP) at one reth interface. The reason isn't functionality, but monitoring related. I use SNMP to obtain the traffic...
View ArticleRe: Ping with "source" attribute
I thought I would add a config snippet if people are trying to achieve the same goal you are but for SRX1xx/2xx chassis. set interfaces lo0 unit 1 family inet address 1.1.1.1/24 set security nat source...
View ArticlePrevent web-management to be accessible from outside
Hi All, I faced a bit confusing situation and could not find answer in Internet. I'd like to disable web-management on External interface reth0.1 so I have got the following config: set system...
View ArticleRe: Prevent web-management to be accessible from outside
management-url is the option for you. Below URLS can help you more...
View ArticleRe: SRX COMMIT FAIL-nterface must be configured under interface
execute below command:-set interfaces ge-0/0/2 unit 0and then commit-IE
View Article3G modem configuration on SRX100
Hello,I have an SRX100 running 12.1x44 D45 version, modem is 320U Sierra Aircard. cl-0/0/8 is created automatically, dialer interface and gsm profile are configured however cl-0/0/8 show...
View Articlemonitor policer stats in SRX1400, 12.1X44 using simple-filter
Hello. Running SRX1400 in Active/Passive cluster, 12.1X44-D45. We configured rate limiting for inbound traffic on our 100Mbps link. The config took. Had to use simple-filter. Does anyone know how to...
View ArticleTCP Port QOS priority
I have a client with a cloud based LOB needing a TCP port number set to high priority. I am not seeing how to set that on a Juniper SRX100H2. Software ver. 12.1x46-D35.1
View ArticleRe: TCP Port QOS priority
You may use multifield-classifier to classify and prioritize traffic based on port numbers. Below URL explains the...
View ArticleAnyone get the SRX-1500?
We're looking at getting a pair of 1500's for a mission-critical service. Has anyone purchased one yet and have any feedback, good or bad? --Paul
View ArticleRe: monitor policer stats in SRX1400, 12.1X44 using simple-filter
Hi samc, What do you mean by "produces no output" that there is no output at all or no hits to the policy ? Have you tried these commands : >show firewall filter RATE-LIMIT It should produce this...
View Article