Quantcast
Channel: All SRX Services Gateway posts
Browsing all 17645 articles
Browse latest View live

VRRP Issues

Hi, I have VRRP setup on my two SRX550's We had one internet line up until recently so all of our VLANs were using FW01 as the master node. Machines in vlan.68 were able to contact vlan.40 with no...

View Article


Suite B configuration

I'm trying to set up a tunnel using the predefined proposals for suite B.  I can see the traffic and it attemps to establish the tunnel, but it never does.  If I remove the proposal set and use a pre...

View Article


Can someone explain this PR1251752?

Hi all, Appreciate someone explain regarding the PR1251752 whether its related to my issue there is when i query my DNS Server using https://dnschecker.org/ it also appear a private ip DNS server....

View Article

Re: Branch SRX as a DHCPv6 prefix delegation client?

I'm running into this issue as well, using an SRX320 on Spectrum. I think I may have gotten to the root of the issue. According to this article, the DHCPv6 client cannot handle RA messages with...

View Article

Re: question about vlan-tagging and reth

Hello guys,Would be most grateful if someone would explain the underlined part of the configuration below, and why its required. reth3 {    vlan-tagging;    redundant-ether-options {...

View Article


How to apply / install license on NCP Client?

Hi all, any one know how to apply license on NCP client for SRX? As i know the NCP client is 30 days free trial. I'm cannot see the menu on client to install the license. Thanks and appreciate someone...

View Article

Re: vSRX HA Cluster on VMWare vCloud

Hi, Did you ever manage to get this to work? Im currently stuck. On my setup the control link shows as down. Ive enable promiscuous mode,. But yet it still dowm

View Article

Re: How to apply / install license on NCP Client?

Hi , If you are trying to install the license on the NCP client itself, you just need to be connected to the internet and then you can follow the steps provided on the below document to activate the...

View Article


Re: SRX300 series VLAN interface

What a shambles - that Juniper would mess up what was working well for years! The new SRX range and 15 software are so problematic that my company is looking at moving to another platform.

View Article


Re: SRX3400 Redundency "show ntp status"

The metric for NTP sync is not rootdelay. It is stratum. As long as your stratum value is not 16 your client is in sync with the NTP server. Lower the stratum value more accurate is your time. Stratum...

View Article

Re: SRX3400 Redundency "show chassis cluster information"

The above output means this cluster has never had a failover.  Below is a sample output of a cluster which has experienced failovers user@host> show chassis cluster informationThe following output...

View Article

category list not getting hit on EWF

Hi Experts, we are having problem on the enhanced webfiltering. everything is configured right(i hope so) but all the websites that should be blocked based on the category list from the EWF profile...

View Article

SSL Forward Proxy

Hi I am testing SSL forward proxy over vSRX junos 15.1, I followed the below guide steps; https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ssl-proxy-workflow-configuring.html...

View Article


Image may be NSFW.
Clik here to view.

IPSec VPN not stable- connection keeps dropping out

Hi, I setup a vpn tunnel between juniper SRX-240 and FlexGW-StrongWAN machine. The tunnel becomes up for cetain time then the connection drops while rekeying.I tried to debug the ike logs i found the...

View Article

TCP-Proxy

Does SRX act as proxy for tcp connection by default or this is have to be configured ?

View Article


Re: SRX and Multicast over IPsec VPN

@ShaneBooker Did you find any solutions?  I'm trying to do the same thing.  I've been trying configuring protocols igmp, and pim, as well as setting up GRE tunnels (gr-0/0/0), but no luck getting...

View Article

Re: TCP-Proxy

It has to be configured set security screen ids-option ids-zoneX tcp syn-flood alarm-threshold # set security screen ids-option ids-zoneX tcp syn-flood attack-threshold # set security screen ids-option...

View Article


Re: TCP-Proxy

Hello  TCP Proxy is usually enabled by default. Also certain features like UTM/IDP/ALG or screen flooding can trigger the TCP proxy. For more on TCP proxy, please refer the following documentation...

View Article

Re: SSL Forward Proxy

Hello, The fact that the "ignore-server-auth-failure" option helps you to pas sthe traffic indicates that the possible problem can be with that certificate validation, root CA expiration dates. It...

View Article

Re: VRRP Issues

My guess is asymmetric routing. Traffic from vlan 68 is sent to the default gateway FW02, it forwards it to the vlan 40. Now returning traffic from vlan 40 is sent to it's default gateway FW01 and is...

View Article
Browsing all 17645 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>