Re: Multiple logical interfaces per one physical
So if I define a subinterface with a unique IP assigned and with some bogus VLAN setup (vlan-id) just to satisfy the configuration requirements, then that will work (traffic related to that secondary...
View ArticleRe: How to monitor interface traffic with Cacti, PRTG or MRTG
Yes, just enable & configure SNMP on the SRX device and then use MRTG or so to view per-interface stats.http://kb.juniper.net/InfoCenter/index?page=content&id=KB16545&actp=search I use...
View ArticleSRX active/passive cluster logging.
Hi all. We have a Juniper SRX cluster in an active/passive configuration deployed at our site and we are trying to forward logs to a syslog server. Following the Juniper guides I have configured the...
View Articleipsec tunnel fails
Hello.I have several SRX boxes with RB IPsec VPNs at it.one of the box have a trouble - only one tunnel suddenly drops (3 other tunnels work fine).here is output root@problem_srx> show security...
View ArticleJ-web Problem ( Request System Storage Cleanup)
Hello, First of all sorry for my bad english. In srx 650 firewall. I use cluster firewall. I opened j-web interface in browser. But device gave error message. J-Web is unable to access user...
View ArticleRe: J-web Problem ( Request System Storage Cleanup)
Hello,Jweb reports truth: /dev/bo0s3f 616M 615M -48M 108% /cf/var Please look into users home directories (under /var/home/) , the "request system storage cleanup" does not clean those.HTHThxAlex
View ArticleRe: J-web Problem ( Request System Storage Cleanup)
First of all thank you for reply. I checked /var/home folder. but i didnt find any big file. root@SRX-1% du -ah2.0K ./user1/.ssh4.0K ./user12.0K ./user2/.ssh4.0K ./user22.0K ./netadmin/.ssh4.0K...
View ArticleSRX550 Warning "You have changed enhanced services mode"
Hello, while preparing SRX550 cluster for our client, I've started getting a strange warning on each commit.The warning message is:"You have changed enhanced services mode.You must reboot the system...
View ArticleSRX1400 Local Web Filtering
Hi All I'm running 12.1X46-D40.2 on SRX1400. Can I have local webfiltering on SRX1400 without any additional license? I have appsec license for IPS. If its possible can someone explain how? Cheers Lushan
View ArticleRe: SRX active/passive cluster logging.
Hi, You said: "From the SRX we can ping the syslog server using a routing instance." is this instance different than the default routing instance? If so, try configure log sending, to be sourced from...
View ArticleRe: DHCP server on interface vlan tagging (sub-interface)
Hi, interface and system services dhcp seems to be OK.Although if you don't use Q-in-Q tunneling, you can safely swap flexible-vlan-tagging with vlan-tagging. Your problem may be coused by firewall...
View ArticleGRE performance
Hi I'm preparing a solution with overlay network based on GRE tunnels. Tunnels are built between QFX and SRX. I know about QFX performance for GRE but I can not find any usefull information about SRX...
View ArticleRe: dual ISP ipsec VPN on srx240 to remote SRX with one public IP
Can you post a sample config? I want to try to implment something similar but have not been very sucessful so far. thanks
View ArticleRe: SRX junos-http's ALG function and junos-http timeout
I am pretty sure there is no http ALG. And I think you are confusing ALG with application setting defaults. The default application junos-http can be used in policies. But if your application needs...
View ArticleRe: DIP Nat screenos to Junos
In screenOS the EXT just means that the dip address is NOT in the same subnet as the interface on which the dip is created. This concept is not applicable in Junos that simply creates a pool address to...
View ArticleRe: SRX550 Warning "You have changed enhanced services mode"
I cannot find the official documentation, but I believe that Sky ATP is only currently available on the SRX1500 series devices. You should check with your product manager for confirmation of support...
View ArticleRe: SRX1400 Local Web Filtering
The official documentation page is only showing the branch devices for the local web filtering option. But I believe this feature was added to the datacenter line. And the SRX1400 is a separate build...
View ArticleIntegrated User Firewall inside logical systems in SRX3600
Hi experts, When I read the release notes, it says the integrated user firewall not support in logical systems.But if we indeed need this, is there any workaround? Thanks in advance! ThanksEvan
View ArticleSRX VPN and NAT
We are starting to provide preconfigured SRX100s to our clients to securely connect to our hosted datacenter over IPSEC.We would like to isolate the networks on both sides from IP conflicts. We would...
View ArticleRe: SRX1400 Local Web Filtering
Thanks for the replyLushan JayawardhenaDesign Specialist | Consulting & Design | Optus Business| M: 0401464094 D: 03 90335375 | E: lushan.jayawardhena@optus.com.auLevel 9 Optus Centre 367 Collins...
View Article