Re: IPSec Tunnel on linux
Hi, The following link tgives the basic configuration for setting up a route based VPN on the SRX...
View ArticleRe: Port Forwarding for a single source address
312.#.#.226/32312 would not be a valid ip address, is the device address valid?
View ArticleRe: How do i setup virtual IP (VIP) on SRX240 device?
The example you link to on digital ocean shows how you configure load balancers. Load balancers can send the same input traffic to multiple destination servers. The SRX is a firewall and does not...
View ArticleRe: Filter ICMP Packets
By applying the filter to the interface you affect ALL traffic that crosses the interface, not just the self traffic for the SRX. Thus the return pings for any internet address are also blocked....
View ArticleRe: Filter ICMP Packets
Hi, You could as well allow selected icmp-types in the firewall filter if the objective is to filter icmp traffic to that interface.For instance, allow icmp-type echo-reply which will allow all...
View ArticleRe: How do i setup virtual IP (VIP) on SRX240 device?
Ok again i want to setup Floating IP. Do you know what floating IP is? Did you read the link i sent to know what the use of floating IP is? Floating IP is NOT a loadbalancer, it is used to direct...
View ArticleClik here to view.
Re: How do i setup virtual IP (VIP) on SRX240 device?
No need to get rude, yes, I read your link. The discussion on floating ip address is a function of the load balancer. From your diagram LOAD BALANCER failover in the flow diagram. The SRX does not...
View ArticleClik here to view.
Re: vSRX 15.1 D50 cannot add ge- interfaces
i have manged to add interfaces on vSRX 15.1 D50.3...... But am now not able to use more than one interfaces....like they are visible.. but not operational..they are up/up but do not respond/find...
View ArticleRe: vSRX 15.1 D50 cannot add ge- interfaces
AshvinO wrote:Hi, I have same issue and fpc0 reports "CPU less FPC":root# run show version Model: vSRX Junos: 15.1X49-D40.6 JUNOS Software Release [15.1X49-D40.6] [edit] root# run show chassis fpc 0...
View ArticleRe: How do i setup virtual IP (VIP) on SRX240 device?
Hi,Am not familiar with load balancing mechanism by fit for purpose load balancers.On the SRX, D-NAT can be used to present a "public facing" IP, similar to a floating IP. As Steve mentions, SRXs are...
View ArticleRe: Port Forwarding for a single source address
sahilsha, thank you! I will try to do so as you said!312.#.#.226 - not real IP, it's used for example onlysrx220h, JUNOS Software Release [12.1X44-D35.5]
View ArticleRe: Filter ICMP Packets
HI Ashvin0, I did, but is not working: set firewall family inet filter [filter_bla_bla] term 2 from source-address [public ip]set firewall family inet filter [filter_bla_bla] term 2 from source-address...
View ArticleRe: Filter ICMP Packets
Hi sahilshaThe term 4 is reject the ping from another IP address. I've allow the specific IP address, this term 4 is to drop the connection from other IP that is not listed.Thank you
View ArticleRe: Filter ICMP Packets
Hi, Your term 2 is as follows :- set firewall family inet filter [filter_bla_bla] term 2 from source-address [public ip]set firewall family inet filter [filter_bla_bla] term 2 from source-address...
View ArticleRe: Filter ICMP Packets
Hi, Assuming you are using source-nat to nat from LAN to Internet, is it being NAT on the interface?If yes, you could add the matching condition "from destination-address [mypublic ip] to the...
View ArticleRe: SRX IDP Local Updates
So I guess no one has any ideas how to accomplish this? Too bad as it would be much simpler to download the files from the internet from a device/computer capable of doing so and dropping them into...
View ArticleNot Able to edit Source Prefix list
I am unable to edit the source prefix list of SRX 210 to add more IPs to it via J-web Anyone encountered this problem before?
View ArticleRe: Not Able to edit Source Prefix list
Hi, Did not try them from Jweb, you can edit the using the CLI as follows :- set policy-options prefix-list <name> IP1set policy-options prefix-list <name> IP2 BTW, which version are you...
View ArticleRe: Not Able to edit Source Prefix list
Hi Sahil, I know the commands from the cli. Was trying to show a customer Juniper's J-web was easy to use than its competitors. No error at all. I just wasnt able to add more IPs to the prefix list via...
View ArticleHow to configure sll proxy in VSRX
Dear All ,I have a problem in configure ssl proxy in vsrx (x49-d30) where erorr ecure when trying to load acertificate file ********************* root@vSRXX49-D30# run request security pki...
View Article