Re: SRX doesn't resolve internet domain names
I thought the same, but, apparently, there's nothing from the other side blocking DNS requests, this firewall is directly connected to the device that the ISP delivered with the internet service. It...
View ArticleRe: SRX doesn't resolve internet domain names
Yes, previously I had configured host-inbound in the internet zone, but it doesn't worked: host-inbound-traffic { system-services { https; ike; ping; ssh; dns; }}interfaces { ge-0/0/14.0 {...
View ArticleSt0 interface stays up
Hi, i have an ipsec tunnel between a srx and end device using route based vpn. I am using ebgp to advertise this end device IP address to the rest of the network. So what i want to achieve is to create...
View ArticleRe: SRX doesn't resolve internet domain names
First question would be does the firewall support dns names instead IP's in its source and destination rule sets? Also enabling host inbound services dns i doubt would work, as the firewall will...
View ArticleSRX Cluster Data Plane Logging and FXP interface
This Branch series SRX logging via cluster issue. The goal is to use stream logging AND have the backup node send syslog simultaneously, though all solutions I've seen ignore the backup RG0 node's...
View ArticleRe: Router on a Stick - Cannot Ping
Hi. I am using source IP of 192.168.16.2/24 which is the IP address of the LAN bridge I created.Ports in bridge: ether2, ether3, ether4, vl-ether1-16 (VLAN interface under ether1). Think the issue is a...
View ArticleRe: IPsec Phase II SA active but not Phase I SA
It turned out that when I added an extra traffic selector in phase II, wether the other side (out of our control) did not configure correctly or there is an interop issue between Junos and ASA, the...
View ArticleRe: Router on a Stick - Cannot Ping
UpdateWell I mamaged it get it going with the following config, so if anyone could enlighten me to as the differences between the vlan-tagging setup and the config below and/or why the below works I...
View ArticleSRX 1500 Ordering Info
Hi, I was trying to make a BoM for SRX 1500, but in the datasheet for SRX1500 (which is just 4 pages) there are is no parts info like in other SRX datasheets. Kindly please help regarding this, need to...
View ArticleRe: juniper srx SSL cert update
After upgrade to JUNOS Software Release [12.1X46-D45.4] problem is solved
View ArticleRe: SRX 1500 Ordering Info
Hi, The SRX 1500 doesn not have SPCs NPCs and so on. It is not very modular if you compare with other High End SRX devices. Regards,Sahil Sharma---------------------------------------------------Please...
View ArticleRe: Aggravating SRX filter-based-forwarding limitation - still an issue?
This behavior is by design and currently there is no plan to change it. However, you can use below KB as a workaround to mark packets, so that they exit from the same interface they came...
View ArticleClik here to view.
SRX650: IPsec VPN phase 1 down,and no-nat-traversal
Hi everyone : Today, SRX650[12.1X46-D40.2] firewall configuration Qos and limit bandwidth for vpn. commit configuration, find,all vpn gateway state is down.rollback configuration, Main mode, vpn...
View ArticleRe: Router on a Stick - Cannot Ping
This config works because you have made fe-0/0/1 part of both VLANs trust and transit. Interface fe-0/0/3 is part of vlan trust. Whenever PC connected to fe-0/0/1 sends an ARP Request broadcast, it...
View ArticleRe: srx system archival via ssh is failing on OLD archive files
Can you try the same test using root user?
View ArticleRe: srx system archival via ssh is failing on OLD archive files
I was able to run the command as root, and it does work. root@peak10-juniper> file copy p10config.txt "scp://juniper@backup.xxxx.com:22" *** All unauthorized access to this system is subject to...
View ArticleRe: IPv6 DHCP Relay/Helper on SRX240H
Hi , I having the same issue , I need to configure IPv6 DHCP relay on SRX -240 , the main catch is that client request is comming via IPSEC tunnel. Could you help me here how to configure it....
View ArticleRe: SRX 1500 Ordering Info
SRX1500 is new high-end firewall with non-modular.Find the available parts of it. N/A (Not available) indicates the item has no price in the price list...
View ArticleSSH doesn't work
Hi everybody. Today I wanted implement ssh authentication ssh-rsa configuring my rsa-key. After that, ssh didn't work and I decided to rollback the config. After the rollbacl I'm not able to access to...
View ArticleRe: Firewall conversion
Thank you everybody for your help. So what about PIX/ASA to Junos converter? They could Help?If yes does it exist in a new version?
View Article