Re: SIP voice service from l2 vlan to internet through SRX345
Hi dBabi Can you confirm if the SIP ALG is enabled:   > show security alg status If yes, also share the following commands:   > show security alg sip calls  > show security alg sip counters...
View ArticleRe: VPN Issue: KMD_VPN_TS_MISMATCH: Traffic-selector mismatch
I would say start looking from this error propective. The VPN tunnel going down due to VPN monitoring. Jun 5 07:18:19 SRX300-Remote_SITE kmd[10477]: KMD_VPN_DOWN_ALARM_USER: VPN VPN_POLICY from...
View ArticleRe: SIP voice service from l2 vlan to internet through SRX345
Hello, Thanks for the detailed explanation.> When you try calling mobile phones, could you please confirm the traffic flow?> Is this correct - Phone -> Local SIP Server -> SIP provider on...
View ArticleRe: Why traffic is very slow over ipsec
Hi all,Just following up my previous post.... When further delving into the case, Packet dropped and Fragment packet are rapidly increasing on branches and hub srx device. After clearing flow...
View ArticleRe: VPN Issue: KMD_VPN_TS_MISMATCH: Traffic-selector mismatch
Hi, Shortly after the VPN monitoring failure it complains about a TS unacceptable. I am sure these are symptoms related to a common problem. > Could you share the ipsec config from the SRX340 side...
View ArticleRe: OPC Support on SRX
To conclude, if I allow the following services, OPC application should work right?junos-ms-rpc-epmjunos-ms-rpc-tcpjunos-ms-rpc-uuid-any-tcp
View ArticleRe: SRX 300 Cluster load balancing not working properly
In Cluster, secondary node will not process transit packets. You may have to change the WAN connectivity such that both upstream gateway should reachable via primary node and secondary node so that...
View ArticleRe: SIP voice service from l2 vlan to internet through SRX345
Hi to all,I haven't got the SIP ALG enabled... Is it mandatory this to have this ALG enabled for the SIP signaling works??? If yes, I didn't know it...When I try to establish a call, I can see how the...
View ArticleRe: SIP voice service from l2 vlan to internet through SRX345
David, Can you enable the SIP ALG and make sure you have a static NAT rule so that your VOIP provider communicates with your internal server? Â
View ArticleRe: SIP voice service from l2 vlan to internet through SRX345
Hi, SIP ALG should be enabled by default. Can you please confirm? > show security alg status | grep SIP SIP : Enabled As I mentioned a quick check would be to try disabling if it is enabled and vice...
View ArticleRe: SIP voice service from l2 vlan to internet through SRX345
Hi,SIP ALG should be enabled by default. Can you please confirm?> show security alg status | grep SIP SIP : EnabledAs I mentioned a quick check would be to try disabling if it is enabled and vice...
View ArticleSRX340 - Prioritize VPN traffic
Hi All, I would like to ask if you can help me to prioritize VPN traffic based on destination IP. Network setup is very simple - client has main office and DB server in Cloud. There is a VPN tunnel...
View ArticleRe: SRX340 - Prioritize VPN traffic
Hi Alex, Are both VPN peers SRX devices? I'm confirming the possibility of using this feature:...
View ArticleRe: SIP voice service from l2 vlan to internet through SRX345
Make sure the policy you have that permits the SIP traffic has the specific appropriate application set in the policy and is not being swept up by some general allow any rule. For the ALG to work you...
View ArticleQOS/COS, best effort doesn't transmit
I have an srx 240 and three Asus AP's on the srx. Junos 11.4xxx . Connecting to the srx the Asus/s are 1 gbps. The srx is in layer 3 mode. I get use of queue 3 "network-controlled", but not best...
View ArticleRe: QOS/COS, best effort doesn't transmit
Eugene, Can you elaborate on your topology? Im not sure if ge-0/0/3 is supposed to be the interface connecting to one of your APs. What is the flow of the traffic? Internet->SRX->APs and...
View ArticleRe: QOS/COS, best effort doesn't transmit
QOS/COS seem fine on the ge-0/0/0 . ge-0/0/0 is the internet interface. No help needed ther as of yet. This is one of the AP's on ge-0/0/13 . ge-0/0/13 { gigether-options { auto-negotiation; } unit 0 {...
View ArticleRe: QOS/COS, best effort doesn't transmit
Hello eugene, Network Control Queue is by default 5% and that Queue is specifically reserved for RE bound traffic( like OSFP, BGP updates etc) with strict-high Priority because in congestion also the...
View Article