Public IP address for a server behind an SRX5800
Hi all! We have a hosting system with an SRX5800 as a frontend firewall. We have multiple virtual routers in this device and normally we use static SNATs and DNATs. We give the client a public IP...
View ArticleRe: Issues with IPSEC when one side is Dynamic
spuluka wrote:The main point is that both the remote and hub SRX must have both the local and remote identity configurations. And they are the reverse of each other and matching: local hub = remote...
View ArticleRe: Configuring PPPoE interface on a SRX550 Cluster
What JunOS version the Cluster is running over?Starting JunOS release 11.2R2 PPPOE support was enabled on reth interface.If you refer the link on SRX550 and SRX550M reth can be used as underlay...
View ArticleRe: strange behavior on juniper ARP table when host adds new ip address to...
Thank you!1) not sure what you mean2) the mac address is the same on all ip on same interface also in debian3) adding a static arp worked! that is the trick I will use! thanks you so much! did not know...
View ArticleRe: Configuring PPPoE interface on a SRX550 Cluster
Thanks Malik We're running 12.1 so we should be good. One query that I have is that we have created a specific reth1 interface for the ADSL/PPPoE connection eg reth1.901 for example. When I got to...
View ArticleRe: Issues with IPSEC when one side is Dynamic
I don't recognize any of the messages in your kmd log. Can you verify that this is the configuration for your log. # set system syslog file kmd-logs daemon info# set system syslog file kmd-logs match...
View ArticleRe: Public IP address for a server behind an SRX5800
You won't be able to do this in the same segment you are using for the nat servers. In order to use the public addresses directly on the server you will need a public subnet with that subnet gateway...
View Articlesrx4200 maximum IPsec site to site tunnels
Hi all. Can anyone tell me the maximum IPsec site to site tunnles supported on a srx4200? Can't find anything online.Can you provide me with a link? Thank you in advance.Alexandros
View ArticleClik here to view.
Re: Public IP address for a server behind an SRX5800
Thank you, this worked fine!This solution flew right over my head.
View ArticleRe: srx4200 maximum IPsec site to site tunnels
Currently the supported numbers of tunnels is 2000 (both IKEv1 and IKEv2) - same as SRX1500. I've seen a note stating that this number should be higher in later releases - but no indication of...
View ArticleRe: srx4200 maximum IPsec site to site tunnels
More than 1K..Branch srx supports 1000 tunnels..however this are dc hence it will support more than that.
View ArticleRe: SRX VPN uptime
I know it is very old thread, but I don't understand.. no one replied. How about Juniper support team, are they looking to support?When I do goolge , this is the link come in first, but no answer for...
View ArticleCan I have multiple route-based VPN over multiple st0 interfaces
I want to create three VPN tunnels with third party peers, I want to use route-based VPN with traffic selector as each tunnel has multiple destinations.So can I use multiple st0 interfaces "one for...
View ArticleRe: Can I have multiple route-based VPN over multiple st0 interfaces
You can use multiple units on st0 like st0.0,st0.1 and st0.3.
View ArticleRe: Can I have multiple route-based VPN over multiple st0 interfaces
Is it tested?As I have only one VPN out of them up!
View ArticleRe: Can I have multiple route-based VPN over multiple st0 interfaces
Yes, It is a tested configuration. You may have to verify other vpn configuration and ensure that Phase 2 is coming up.
View ArticleRe: Free Space Issue when trying to upgrade SRX110H1 via USB
Hi guys, thanks for your replys.It seems the problem is somhow related to the Version 12.1X46-D65.4.An upgrade from any other 12.1X-version to 12.1X46-D65.4 succeeds.But if I want to deploy the...
View ArticleSRX1500 - Branch Full BGP Multihoming?
Hi all, I'm currently searching for a Branch Router, which is capable of Full BGP feeds. My requirements are: *) 2x IPv4 Full BGP Table*) 2x IPv6 Full BGP Table*) 1 Gbps throughput*) 3x 10G Ports, and...
View ArticleRe: SRX1500 - Branch Full BGP Multihoming?
I would like to answer in following parts.A.1. SRX 1500 is very stable in terms of features (Routing + Security)2. We have been running it for one of datacenter environment and found perfectly fine...
View ArticleNAT through to a IPSec VPN
Amazon is hosting an Application server my users access via RDP. (10.0.0.110)We have an IPSec connection to the Amazon VPC via SRX300.I need to give my users access to this Amazon resource from various...
View Article