Re: Block Whatsapp calls
Hello , We can block it in 2 ways : 1) Use the whatsapp IP address range and block them in security policy . IR ranges are in : https://www.whatsapp.com/cidr.txt 2) Use AppID to block it . This is a...
View ArticleRe: Block Whatsapp calls
Hello , To configure AppID , you can refer the following Doc : https://kb.juniper.net/InfoCenter/index?page=content&id=KB25255&actp=METADATA
View ArticleRe: Mysterious issue blocking some outbound connections
Hi! Did you ever find the cause of this? We are also struggling with something similar for a while with our SRX1400-cluster. Spent years on this! JTAC haven't figured it out either. Getting a lot worse...
View ArticleProxy-ID
what are the differences between proxy-ID and traffic selector and when to use them ?
View ArticleRe: Proxy-ID
Hello, Proxy-ID and Traffic selector both of them do identical function:- Define set of traffic that can go over tunnel. With proxy-ID, a single VPN (bound to a tunnel interface) can have a single...
View ArticleRe: Strange port forwarding issue - SRX320
Hi Guys Please i need some help here - This is the scenarioI have an application running running on a server (2012 R2), that application can only currently be accessed internally. localhost and...
View ArticleRe: srx240b2 can't add static IP address to interface
So the solution to my problem was to make my AP's DHCP servers, and to make the srx relay the DHCP traffic.
View ArticleWhta is the difference bettween session creation per second and performance...
Hi, I have a question. As you see the 3 commands results, so many active sessions and failed sessions occures, but we can not get session creation per second, the result is always zero.Whta is the...
View ArticleRe: Whta is the difference bettween session creation per second and...
Hi YukaDora, Performance sessions will show all the sessions that are present on the firewall on that particular card.This includes all the sessions which may have been opened earlier as well but got...
View ArticleHow to share printer (mdns bonjour apple) in a different vlan .
Goal:apple devices would be able to discover the printer (192.168.2.20) in vlan.2 (192.168.2.0/24) from vlan.1(192.168.1.0/24) With the "policy printer", From vlan.1 I can ping and see webpage of the...
View ArticlePing fluctuations SRX external interface
I have an issue with external link fluctuating while pinging from outside (from other external network to SRX untrust interface), i have checked ping to ISP side it's clear and no ping...
View ArticleRe: How to share printer (mdns bonjour apple) in a different vlan .
Hello, When Apple device is trying to disconver printer, can you take the 'security flow traceoptions' on the SRX using the link below?...
View ArticleRe: Ping fluctuations SRX external interface
Hello, When ping is sent to SRX from external host, can you take the output of commands? show system processes extensiveshow security monitoring performance spushow security monitoring fpc 0 Regards,...
View ArticleRe: Ping fluctuations SRX external interface
Hi Rushi, The issue when ping from outside my network to the external interface, not when ping from SRX Rami
View ArticleRe: Ping fluctuations SRX external interface
Hi Rushi, Here are the logs as requested, show system processes extensive node0:--------------------------------------------------------------------------last pid: 58930; load averages: 0.53, 0.60,...
View Articlewhat best practice of interface monitoring on chassis cluster using LACP?
Hi All, In chassis cluster active/passive setup, what are the best practice on interface monitoring if i'm using LACP. For example i have 3g interfaace and minimum link must 3g. Do i have put reth0 or...
View ArticleRe: How to share printer (mdns bonjour apple) in a different vlan .
from set security flow traceoptions file flow-trace set security flow traceoptions flag basic-datapath set security flow traceoptions packet-filter f0 destination-prefix 192.168.2.20/32 outuput :...
View ArticleRe: How to share printer (mdns bonjour apple) in a different vlan .
Hello, It does not look like that traffic is reaching the SRX when your apply device starts searching for the Printer.What traffic (ports, protocols etc.) is used to discover the Printer by Apple...
View ArticleRe: How to share printer (mdns bonjour apple) in a different vlan .
Bonjour is Apple's implementation of zero-configuration networking (zeroconf), a group of technologies that includes service discovery, address assignment, and hostname resolution. Bonjour locates...
View ArticleIKE phase 1
2-IF i specify in the gatway of IKE phase 1 that the address is the loopback IP of the tunnel peer, Does that means that the peer must specify his gateway external interface as lo0 ??
View Article