Re: Problem with backup partition SRX 240
Hi all, The second partition had a problem so here is the procedure i use in order to recover request system snapshot slice alternate and then reboot.
View ArticleRe: Ex4200 switch trunking with vmware not working
I promise that the trunk port configuration will work. I have a number of these setup with dual NIC on the VMware host. You about setup with each vlan member on unit 0 is correct when applied to each...
View ArticleSecurity policies not passing traffic
We have an SRX100H2 that I'm trying to lock down. Basically, it's a branch VPN, and I only want to pass limited traffic thru the tunnel. I've set everything up (VPN, NAT, etc.), and traffic passes fine...
View ArticleRe: blocking video streaming using AppSecure
this is was already resolve by updating your AppSecure engine to version : Application package version 2675Version 1.150.0-41.005 dwayne
View ArticleRe: Security policies not passing traffic
Hi From a short look into your config this is my assumption; your security policies did not honor the fact, that the SRX has a specific sequence of first flow evaluation namely ScreenDestination NAT or...
View ArticleRe: Ex4200 switch trunking with vmware not working
Yes .. its working. with cisco there is no need of vlan tagging on server. but with Juniper & VMware setup, Vmware NIC should tag with Vlan ID. Thank you for your help .
View ArticleRe: Security policies not passing traffic
address local-sys-prod-prenat 10.252.253.5/32;address local-sys-prod-postnat 10.2.2.5/32;address remote-sys-prenat 10.12.7.2/32; policy vpn-to-sys-test-amqps { match { source-address remote-sys-prenat;...
View ArticleRe: IDP Direction on SRX
Hello Ammy , Generally we does not recommend to open policy from Untrust to Trust untill you have some web services or application hosting . But when you have untrust to trust policy , its advanced to...
View ArticleRe: SRX-EX LLDP
Unfortunately, LLDP not supported for vlan tagged interfaces. https://kb.juniper.net/InfoCenter/index?page=content&id=KB25750&actp=search Definitely true for 12.1X44. Haven't looked at it for...
View ArticleRe: SRX Power Button
Hello , We can change the behaviour of reset-botton : http://www.juniper.net/techpubs/en_US/release-independent/junos/topics/task/operational/reset-config-button-srx210-changing-behavior.html But for...
View ArticleRe: SRX-EX LLDP
Hi Sam, Thank you very much . Do you know what about the vlan 32767 and why i still view it even when there is no ae interfaces ?
View ArticleRe: SRX-EX LLDP
nevermind .. i found that its created automaticaty even if there is no ae interfaces created ..according to KB28265 :The limit of number of units or VLANs that can be created per physical interface on...
View ArticleRe: Security policies not passing traffic
alexander, Thank you! That did it. I was confused by the logs (which seem to show just the pre-NAT addresses), and the SRX flow diagram, because I assumed that the Static NAT step did both source and...
View ArticleRe: Security policies not passing traffic
Sam, Thanks for the extra info. Knowing that the policies are applied "half-way through" the NAT process was the key. Sadly, the logs made it worse, since they seem to use data from before any NAT. As...
View ArticleRe: SRX5400 Host 0 Boot from alternate media
Hi Luca, This command will be applicable to branch devices.As the correct location should be /dev/ad0s1a, you will have to run the below command for the same; > request system snapshot media...
View ArticleAdding a XPIM to a SRX Cluster
Hello, Wondering if you could give me some advice! We currently have a SRX550 cluster within which Node 0 has an Ethernet Switch 16-port 10/100/1000Base-T XPIM and Node 1 does not, doh! I have another...
View ArticleAllow IP Protocols
Hi Guys, a Customer wants to allow IP Protocol 97 through his SRX.So I created an application like this: set applications application ip97 protocol 97 The Rule looks like this: from-zone Zone1 to-zone...
View ArticleHow to find out where an object is used?
HI everyone, Is there a way to find out where an object is being used? for example, search all the rules containing the object "server-1" or "192.168.5.2" ? Thanks !
View Article