Re: Local Web Filter Blacklist and Default Block
Thank you Suraj I'll try again tomorrow once more and hopefully get it to work this time. I either misconfigured or didn't test properly last time. I'll update this thread after.
View ArticleRe: Local Web Filter Blacklist and Default Block
Hi SurajI realised I had configured the 'default block' command under the 'fallback-settings' and not directly under the 'juniper-local' profile itself. Now that I've done that it works as intended....
View ArticleRe: Cannot reset root password
Can you try the procedure defined here (though it is for MX80 but should work on SRX...
View ArticleRe: Cannot reset root password
Since you are any doing the reboot and not able to login with new password..You may use reset button to factory reset SRX and reboot the boxes to recover. However i do assume that you are already...
View ArticleRe: After enable SSL Forward Proxy the traffic would decrease 90%
Can you paste your configuration and preferably trace-options? Also mention if there are any other changes being made apart from ssl proxy.
View ArticleRe: send syslog to another virtual-router
If I understand correctly, you can simply add the local interface in the routing instances are the source address for your syslog configuration set system syslog host 10.16.2.22 source-address 10.16.2.2
View Articleadding an additional Provider's gateway as default route
Hi all,I "inherited" a few juniper firewalls. Being quite comfy with firewalls in common, i cannot get the juniper to accept a new Line the Internet-provider installed. i already have two other lines...
View Article500 user for srx service gateway
Our customers need a firewall with users on a network of 500 users and 5000 users. which type of srx that can meet the needs of our customers. let me know please. Thanks in advance
View ArticleRe: SRX 650 Strich High with shaping rate
I did a quick test on SRX110 and can confirm that strict-high priority + shaping-rate is limiting the bandwidth. Regards, Wojtek
View ArticleSRX 1400 inactive-tunnels
I'm seeing some odd behaviour with an SRX 1400 (12.3X48-D55.4) and the "show security ipsec inactive-tunnels" command. The firewall reports dozens of VPN tunnels as inactive, "Dynamic tunnel...
View Articlesrx230 - RPM - issue
Hi,I have SRX 230 h2 with two links toward Internet - one main via ge-0 and second (in 0 is failed) via ge-3. I configured rpm: set services rpm probe TRACK_1 test GOOGLE target address 8.8.8.8 set...
View ArticleVPN and PBR with failover
Hi,I need to make SRX to failover the PBR and VPN, only PBR is working with the follow config. The VPN is not working, when the first tunnel is down, the second never comes UP, could you help me? TKS...
View ArticleRe: VPN and PBR with failover
Does this help?https://kb.juniper.net/InfoCenter/index?page=content&id=KB29227
View ArticleRe: adding an additional Provider's gateway as default route
Sounds like you have this setup the same as your other two providers? I would start by connecting a laptop to the new service and set this up with the static address provided and run a test to verify...
View ArticleRe: adding an additional Provider's gateway as default route
ok, solved.funny enough there was a syntax error in the original firewall config / routing section that only the cli validation found, the Jweb check did not complain when committing.... this error did...
View ArticleRe: SRX junos-http's ALG function and junos-http timeout
You are able to see the ALG:http displayed in the output you provided because it is by default implemented in the device, this feature is not under the hierarchy level of >show security alg status,...
View ArticleLan1 to Lan2 Nat config
HiI have 2 interfaces setup ge-0/0/1 is where most of my network servers are. I need when some devices go from ge-0/0/1 to ge-0/0/2 they appear to be coming from a 10.1.1.0 address. I also need when...
View ArticleRe: After enable SSL Forward Proxy the traffic would decrease 90%
Hi Joseph,In how many security policies do you have SSL profile enabled and what is the average traffic handled by these policies? Anand
View ArticleRe: Lan1 to Lan2 Nat config
Hi,You have to configure proxy-arp for the IP 10.1.1.220/32 and regarding policy, If you need bi-directional traffic flow, you have to create two policy: one from Inside_Lan to Inside_Lan2 and second...
View ArticleRe: SRX 1400 inactive-tunnels
Do the active and the inactive tunnels have the same tunnel index? Anand
View Article