Re: Route problem from trust VLAN to external gateway
Hi,The traffic is not being source-nat.Could you try pinging from a host instead of the SRX interface and capture the show security flow session.You could also perhaps specify the LAN subnet...
View ArticleRe: Route problem from trust VLAN to external gateway
Unfortunately, I don't have access to any of the hosts right now. I may have access later today. I tried specifying the LAN subnet instead of 0.0.0.0/0 but still no pings. See below:will@gw1# show |...
View ArticleRe: SRX240H Anyway to Recover from dwc_otg_nandflash_bulk_flush+0x54 error?
I only have an SRX650 sitting here, I put junos-srxsme-12.1X46-D55.3-domestic.tgz on the 650, and did the snapshot to the USB drive, plugged into the 240, it tried to boot from internal. Went into...
View ArticleRe: SRX240H Anyway to Recover from dwc_otg_nandflash_bulk_flush+0x54 error?
Sorry, I was wrong, I went into loader and did nextboot usb and it booted from USB but I still get the error: FreeBSD/MIPS U-Boot bootstrap loader, Revision 1.7 (builder@shoth.juniper.net, Tue May 4...
View ArticleRe: Route problem from trust VLAN to external gateway
Hi, As this traffic is initiated form the SRX itself, we can see it hitting self traffic policy as it is originated from the zone junos-host :- Aug 12 08:28:58 08:28:58.842689:CID-0:RT:Policy lkup:...
View ArticleRe: route table lock on fw trace
Hi, If you are using event mode logging on the SRX, please use the following link to prevent these logs to be written :-...
View ArticleRe: SRX to Fortigate VPN IKE Timeout
Also make sure that the zone where your gateway interface is configured has ike as a permitted connection. set security zone security-zone untrust host-inbound-traffic system-services ike
View ArticleRe: SRX240H Anyway to Recover from dwc_otg_nandflash_bulk_flush+0x54 error?
I had similar issues trying to create boot USB cross hardware for the SRX. Pretty sure you need to create the snapshot on the same hardware for the device to boot correctly.
View ArticleRe: Route problem from trust VLAN to external gateway
Thank you, Sahil. I expect to have access to the hosts tomorrow. I will perform the tests and post the result.
View ArticleRe: Route problem from trust VLAN to external gateway
Unfortunately, I believe this SRX210B has experienced hardware failure. While running a show command, I got a memory error. I checked memory, and it had less than 4 MB free. I checked hardware usage...
View ArticleSRX and Citrix XenApp/Desktop
Hi,At work we are running two SRX 5800 in a HA cluster. At home I'm running a vSRX firewall. I have issues connecting (externaly) to an Citrix farm (with netscaler) at work (in another DC) - I can...
View ArticleRe: Route problem from trust VLAN to external gateway
If I ping 8.8.8.8 from my vlan.3 router, I get nothing: That looks like your are actually pinging from the SRX and not your layer 3 switch?
View ArticleRe: SRX and Citrix XenApp/Desktop
Most of the issues that I've seen working with Netscaler have been related to the communications between the DMZ server and the internal web server, auth server or presentation server on the...
View ArticleRe: One-way SCTP thru SRX345 on JunOS 15.1X49-D50.3
It's a bug: PR1204177 ETA is end of September, target release 15.1X49-D60.
View ArticleClik here to view.
Re: SRX and Citrix XenApp/Desktop
Thanks for your feedbackOne important pice of information that i might have missed in my original post: Accessing the Citrix using Netscaler works well from a mobile broadband connection. i.e. sharing...
View ArticleRe: LACP on SRX 300
Yes, in the SRX 300 juniper needs you to use interface-mode not port mode as we were all using before. ae1 { aggregated-ether-options { lacp { active; } } unit 0 { family ethernet-switching...
View ArticleRe: SRX to Fortigate VPN IKE Timeout
Hi, Thanks, yeah i'd already had the host-inbound-traffic system-services settings setup, but as it turns out it was the other end, they re-created their profiles over the weekend, and it's...
View ArticleClik here to view.
Interesting multi-subnet single LAN / DMZ disappearing issue.
Hi, So i've been working on an odd issue which i'd like to get a second opinion on, firstly let me state, this isn't an ideal setup, however it is what it is (as it's a bit of a interim fix) As a...
View ArticleSRX320 VDSL-MPIM on German ISP working?
Hi Folks, at Home I have a SRX320. I want to connect it directly to my ISP (Deutsche Telekom, VDSL, 50M) so I don't need the crappy Telekom Router anymore. I found out that the Card "SRX-MP-1VDSL2-R"...
View Article