Re: State Invalid on user-authentication with Active Directory
Hello TheDisciple. I testing using authentication-entry-timeout 0 and authentication-entry-timeout 10 and the issue is happend. Reynaldo Rossi
View ArticleRe: State Invalid on user-authentication with Active Directory
Hello Reynaldo, It is interesting that logging users out and logging back in simply shows you the issue. The mechanism is that the device reads the event logs from AD to map the user/domain and IP...
View ArticleRe: junos equivilant to screenos VIP port redirection
Hello Ismail, In Junos the syntax for destination address and port translation can be understood simply as under. For simplicity , lets consider the following:- SIP1 = Source IP as seen by the...
View ArticlePPPoE Session Disconnection
Hello,I'm new to the Juniper forums so please forgive me if I have posted in the incorrect place or anything!I’m experiencing issues with a PPPoE connection from an vSRX running as a gateway.It’s more...
View ArticleRe: SRX 300 - VLANS on "untrust" zone and NAT
Can you confirm that the address object SRV1 for the destination is the post nat address 172.16.1.1 set security policies from-zone UNTRUST1 to-zone SRV policy UN1-SRV match destination-address SRV1...
View ArticleClik here to view.
Re: Dynamic Traffic Shaping
Hello, wrote:So I've got a 100m cct coming in ge-0/0/0 and I need to dynamically allocate 20/80 out to ge-0/0/1 & 2 - whereby ge-0/0/2 gets at least 80M (but can also be allocated whatever part of...
View ArticleRe: PPPoE Session Disconnection
Hi Ryan, It will be worth to enable PPP logs as well. This will be confirm if PADT is send because of LCP term-req or LCP keepalive failure. Regards,Rahul
View ArticleRe: SRX240 random ip addresses can't get out to the Internet
just update this thread. I noticed a time/date difference between the SRX nodes. I set NTP on node0 and rebooted node1 no issues so far. 3 days now. We will see how it goes. It is possible something...
View ArticleRe: AT-1/0/0 interface not showing
Went to site myself to find the card not fully seated. :-o
View ArticleRe: junos equivilant to screenos VIP port redirection
Hi,Many thanks for your time and effort. Just to be honest with you, I'm very confused about that. this is what I have From ScreenOS config:" set interface ethernet0/3 description "SRDP" vip...
View ArticleRe: Tftp traffic for IPphone
Hi Spuluka,You're correct. I configured source NAT (pool) at first. It's till not working. Then I configure source NAT (1:1 mapping) with destination NAT instead of an old way. Problem is gone! But...
View ArticleRe: Tftp traffic for IPphone
I believe port randomization is causing issue. It is enabled by default in source Nat and disabled in static Nat. You may verify this by disabling source Nat port randomization.
View ArticleRe: SRX 300 - VLANS on "untrust" zone and NAT
Hi, Your G/W is 10.0.0.14 and LAN is 10.2.4.0/24. When you are trying to access 172.16.1.1 SRV from 10.2.4.0/24. Even there is NAT configuration there is no policy for 10.2.4.0/24 where it go. Try...
View ArticleRe: L2 CoS on ex-4200 switch
Hi, You have following config for voice scheduler:set class-of-service schedulers voice-network-sched shaping-rate percent 5 set class-of-service schedulers voice-network-sched buffer-size percent 5...
View ArticleRe: PPPoE Session Disconnection
Hello Rahul, Thank you for the advice, i have now enabled and i shall see what it logs when the connection drops again! Many thanks, Ryan
View ArticleRe: PPPoE Session Disconnection
Hello Ryan, I see that you are getting IP via dhcp. set interfaces pp0 unit 0 family inet negotiate-address I would recommend you to check if the disconnections coincide with the lease time of the...
View ArticleRe: Tftp traffic for IPphone
Progress at least. Make sure your policy to allow the connection uses the specific application that matches your pbx system and not just the "any" application. Then make sure the matching ALG for the...
View ArticleRe: junos equivilant to screenos VIP port redirection
Hello Ismail, Let me try again! " set interface ethernet0/3 description "SRDP" vip 172.21.24.30: 80 "Oracle4" 10.200.3.37:778 " converts a destination address of a packet (arriving in SRDP zone ) from...
View ArticleRe: AT-1/0/0 interface not showing
Thanks for the update. Always nice to have easy fixes.
View ArticleRe: PPPoE Session Disconnection
So here is the dump from the PPP trace options regarding the dropping and then re connecting of the PPPoE connection! Any thoughts? Is it my end dropping this, i cant see anything stating that im...
View Article