Re: Scheduler per unit basis versus Scheduler per physical interface
Thanks Wdudys for all your help, I am going to take baby steps , do not want to get burned out.Have a nice day!!!
View ArticleClik here to view.
Re: Remote Access SSL VPN with NPC Client
Hi Steve and Mannan, NCP Remote access is supported on entire SRX range (300 series, 550HM, 1500, 4100/4200 and 5000 series) since 15.1X49-D100 (ref:...
View ArticleRe: Does SRX support ALG for JAVA RMI?
Hi, mkamaraj, One of my customer want to implement the Java-RMI application. So ask i'm understand the Java-RMI application functuion similar like FTP that need the ALG. So is there any one exprince...
View ArticleAppID - Preprocessing
Preprocessing must function before Appid to reorder and reassemble the fragments of each packet in case the signature pattern is splitted over 2 fragments for example and to avoid fragmentation...
View ArticlePVID tagging SRX240 11.4 7.5
I am only aware that trunking on this srx version is possible and that tagging is auto in this port mode. I realize vlan-tagging is possible as well. Is it at all possible to tag via PVID. Is it...
View ArticleRe: PVID tagging SRX240 11.4 7.5
Lookslike PVLANs are not supported on the SRX only the EX, QFX and MX series devices. https://pathfinder.juniper.net/feature-explorer/feature-info.html?fKey=1206&fn=Private%20VLANs%20(PVLANs) I've...
View ArticleSRX 650 and Buffer-size of Egress queues.
Hi everyone Have some questions about egress queue buffer size on SRX 650 edit class-of-service schedulers]root# set VIDEO buffer-size ?Possible completions: exact Enforce exact buffer size percent...
View ArticleSRX egress queues policer /shaper
Hi everyonePlease consider the following example: Scheduler NETWORK -CONTROL Transmit-rate 20M exact priority strict highAre we doing Policing or shaping above? what is burst size assumed?Scheduler...
View ArticleClik here to view.
Packet Loss Priority in Classifier and incoming DSCP value on SRX 650
Hi everyone, Please consider the following example: Above, the highligthed bits two bits are used to encode Packet loss priority which is used by RED to selectively drop packets during congestion. Let...
View ArticleControl Plane Traffic PIM DSCP can not be modified
Hi everyone. Please consider the folowing example: SRX1--F0/0/3 -35.35.35.1----->Network Both NTP and PIM traffic egresses fe0/0/3Please ignore nay typo in the command as I typed these commands not...
View ArticleRe: SRX egress queues policer /shaper
Shaping to configured transmit-rate. Burst size is limited by configured buffer-size.On some platforms you have an option to do policing. Instead of exact you use rate-limit parameter. Regards, Wojtek
View ArticleRe: Control Plane Traffic PIM DSCP can not be modified
Can you try set dscp in the firewall filter together with forwarding-class? then dscp 38 Regards, Wojtek
View ArticleRe: Packet Loss Priority in Classifier and incoming DSCP value on SRX 650
DSCP will not be modified unless proper rewrite rule is configured.While packet is processed information about forwarding class and packet loss priority is stored as a metadata.Regards, Wojtek
View ArticleSRX interface flappinng "down reason tlv value (0x0)
Hello,I have a SRX in packet mode acting as an internet gateway (basically BGP multihoming on the northbound interfaces and connected to a pair of firewalls in the south.fw1-----ge-0/0/0...
View ArticleRe: Control Plane Traffic PIM DSCP can not be modified
Good Morning !! We can not use firewall filter to SET dscp value on SRX , we can only dircet traffic to a FORWARDING CLASS and use REWRITE rule on that FORWARDING class to encode desired DSCP which I...
View ArticleFirewall filter and "Count" action
Hi everyone, In Cisco, we use " log" option to count packets that match particular access list statement but this is control plane acivityIn Juniper we use " Count" with " then " statement to acheive...
View ArticleRe: SRX 650 and Buffer-size of Egress queues.
1) It will be set to 9192 and you will see a log entry fwdd_cos_set_delay_bandwidth:queue:19 delay buffer size(0) too low, setting to default 9192 2) Total buffer size is platform and configuration...
View ArticleVPN UP but ping only reach 2 packets
Hi, I have a VPN between an SRX300 and a Fortigate 100D, the VPN is UP but ping only reach 2 packets, if I clear the ike security associations the behavior is the same, any idea?
View ArticleRe: Authentication failure: Firewall is out of license
<div id="inner-editor"></div> 119/5000 Hello good afternoon.It follows its guidelines, but without success, my equipment has occurred this problem with frequency.
View Article