Clik here to view.
Re: replacement for srx100 and srx110
rselbert is right about the hardware platform but I would like to add a comment about the software license you need on top. There are three licenses: JSB, JSB-L and JSE.JSB is what you know from...
View ArticleRe: Broken pipe after 10 Seconds
Hi there, it was indeed a assymetric routing problem. I also had to disable ICMP-Redirects...
View ArticleRe: replacement for srx100 and srx110
Do not make any assumptions about the SRX300's capabilities as a switch - they appear to be a work in progress. Also, if you need the capabilities of JSB, it can no longer be considered a budget...
View ArticleRe: Non-SRX VPN Setup - passthrough/NAT to VPN Box Problems
I just need help with my destination NAT - nothing is showing up on my vpn box
View ArticleRe: replacement for srx100 and srx110
SRX300's switching capabilities has improved dramatically in the latest maintenance releases - only Q-in-Q is missing after 15.1X49-D70 which is a couple of months old. I do not understand your...
View ArticleRe: replacement for srx100 and srx110
We do have 1 srx300 in production at a new branch we opened but we had a lot of trouble translating configurations from our 210s that we use at other branches to the srx300. Does anyone have some good...
View ArticleNatting from a routing instance to global instance in a chassis cluster??
Hi guys, Got 2 SRX boxes in chassis cluster.. reth0.0 - Internet, reth1.0 Internal.reth0.0 is in global instance and reth1.0 is in a routing instance. Source-natted out-going traffic from reth1.0 to...
View ArticleVPN Hub and Spoke with IP Dynamic tunnel up but can not ping
Hi all,I'm deploying VPN site to site between Main Office with branches by SRX devices. SRX Branches are behind NAT device. Main Office has IP static public, branches have dynamic IP (use noip). So, I...
View ArticleRe: VPN Hub and Spoke with IP Dynamic tunnel up but can not ping
Hi, Can you please share the VPN configuration from both the hub and spoke side. Also can you enable flow trace for the traffic which is getting encrypted in teh SRX.this will tell us whether the...
View ArticleRe: IKE negotiation failed with error: IKE gateway configuration lookup...
Hi, Can you polease share the configuration fo the SRX and the ASA.We can have a look and let you know whats causing the negotiation to fail. regards,Guru Prasad
View ArticleSRX210 in band managment in trunk mode
Hello all, I need your help to enable this scenario as attached, using ge0/0 in trunk mode with vlan20 "in band mamagment" and vlan90 "traffic data". Fa2 to LAN. what do i need to config to stablished...
View ArticleRe: IKE negotiation failed with error: IKE gateway configuration lookup...
Great thanks Guru! See the below:Cisco Configname 111.111.111.111 juniper-ip!object-group network juniper-ipnetwork-object 111.111.111.184 255.255.255.254!access-list ACL-juniper-ip extended permit ip...
View ArticleSecondary Index Corrupt
Hi: Can anyone help with this problem. I have searched and found nothing. When I commit a new configuration on an SRX210H running Junos 12.1X46-D65.4 I get the message "Secondary index corrupt: not...
View Articlepolicy based VPN
when studing policy based VPN it says that when a traffic match a policy a new tunnel is generated because each tunnel has its own negotiation process and SA ...would someone please explain what does...
View ArticleRe: VPN Hub and Spoke with IP Dynamic tunnel up but can not ping
Thanks for your reply. Here Hub device configsecurity { ike { proposal ike-phase1-proposal { authentication-method pre-shared-keys; dh-group group5; authentication-algorithm sha1; encryption-algorithm...
View ArticleRe: VPN Hub and Spoke with IP Dynamic tunnel up but can not ping
Here is config of a branch device routing-options { static { route 0.0.0.0/0 next-hop 192.168.1.1; route 192.168.6.0/24 next-hop st0.0; }}security { ike { proposal ike-phase1-proposal {...
View ArticleRe: Need to configure syslog to reach syslog server
Hi, You could check:https://kb.juniper.net/InfoCenter/index?page=content&id=KB16502 Cheers,Ashvin
View ArticleRe: VPN Hub and Spoke with IP Dynamic tunnel up but can not ping
I only post config that important. show security ike security-associations and show security ipsec security-associations then up both. I am configuring one Hub with 3 Spoke, sometimes I can ping...
View Article
