Re: SRX 300 - How to disable transparent mode
Hello, IT was good to hear that the command helped you to do away with the transparetn mode on SRX 300. regarding your other concern please delete the vlan interfaces as you have already configured...
View ArticleRe: SRX300 ipsec VPN to Amazon VPC without BGP = complete fail
Dale, Looks like the SRX is not getting a response from the remote side after transitioning to port 4500 due to a NAT device in the path. it is timig out the phase 1 negotiation after a few attempts....
View ArticleRe: vSRX 15.1 Pass-through Authentication Web Redirect Issue
Hi, So after entering the username and password in the pop-up, does it work fine ? If that is the case, then it means that only the web redirection is not working. Regards,Sahil...
View ArticleRe: SRX300 ipsec VPN to Amazon VPC without BGP = complete fail
I would love to but not exactly sure how to do either of those things.
View ArticleRe: SRX300 ipsec VPN to Amazon VPC without BGP = complete fail
Hi Dale, You can use packet captures or similar stuff on the remote side to check if it is responding to our requests. In order to check for filters on the SRX :- Identify which interface you have...
View ArticleRe: Site to site vpn UP 100second and down 20second all the time problem.
Hi, Yes, I removed vpn-monitor and now its working fine.Many thanks. -- Timo --
View ArticleRe: SRX300 ipsec VPN to Amazon VPC without BGP = complete fail
Hi. Can you try disabling NAT-Traversal on the SRX side of the connection? set security ike gateway xxxxx no-nat-traversal Perhaps this will 'force' the SRX to keep negotiating phase1 on port udp/500....
View ArticleRe: SRX300 ipsec VPN to Amazon VPC without BGP = complete fail
I apologize for my lack of knowledge, though I've worked with SRX before I've never really had any issues that required "actual Knowledge". root@HSRX300> show interfaces st0.1 Logical interface...
View ArticleRe: SRX300 ipsec VPN to Amazon VPC without BGP = complete fail
WOW!That did it!Thanks.root@HSRX300> show security ike security-associationsIndex State Initiator cookie Responder cookie Mode Remote Address142510 UP f56860d62b53f165 11034fd46b0e9d4a Main...
View ArticlevSRX scsi & IDE ova image difference
There are two vSRX OVA files available for download, a) scsi and other one b) Ide What is the difference between these two (except hard disk interface) in terms of performance, working behavior? As...
View ArticleSending default route to virtual routing instance
Hi everyone, I wanted to know how I can send my default route from master routing instance to a virtual routing instance. I have one wan link on port ge-0/0/0 but it is part of a xyz virtual...
View ArticleRe: Sending default route to virtual routing instance
Hello, Can you try something like this? set routing-options static route 0.0.0.0/0 next-table xyz.inet.0 Regards, Rushi
View ArticleRe: Diffence between log and syslog
If you want a clear explanation please visit the Juniper KB below https://kb.juniper.net/InfoCenter/index?page=content&id=KB12218&actp=search
View Articleport forwarding on srx 210
I have never been able to set up port forwarding on this SRX 210 today i took a stab at it following these two articles...
View ArticleRe: port forwarding on srx 210
The commit failure seems to be saying you do not have the untrust zone configured on this SRX. What do you see in the zone area? >show configuraiton security zone#show security zone
View ArticleRe: SRX 300 - How to disable transparent mode
I found that if the vlan-id is configured as 1 it will stop the data vlan from pinging the voice vlan, however the voice vlan can still ping the data vlan. When I changed the vlan-id to 10, it pinged...
View ArticleGUI Vs Command Line SRX
Hi All, Can I run GUI and Command line at the same time? How do you rate SRX GUI. Currently I am working in command line. Though it gives more flexibiltiy but obviously its consume more times. Thanking...
View ArticleCluster of SRX Firewalls in Two Data Centres
Hi, Sorry I am bit new to SRX Firewalls. Can someone guide me to set up a cluster of (Active / Standby) for internet & Internal connectivity if the SRX are separated geographically (one SRX in each...
View ArticleClik here to view.
Re: Cluster of SRX Firewalls in Two Data Centres
Hello, Please check the below link to understand what is needed to be done on the L2 switch to connect control and fabric links between both the nodes of the SRX....
View ArticleClik here to view.
Re: GUI Vs Command Line SRX
Hello, Yes, You can run GUI and CLI at the same time if you have it configured accordingly on the SRX. As Far as the rating goes i would say it is really good and useful to do the configruation part...
View Article