Re: Cant browse internet
Assuming 192.168.20.0/24 and 192.168.30.0/24 are the two subnets, it should work. What is the DNS server IP used by clients in subnet B? Is DNS traffic being blocked by a security policy, or lack of...
View ArticleRe: Cant browse internet
Anand10 wrote:Could you please share the complete config. You are still missing routing config in the file. Anandrouting-options { static { route 0.0.0.0/0 next-hop 192.168.1.1; } }
View ArticleRe: Cant browse internet
HI, What I meant was this:- firewall { filter PBR { term TRUST-ZONE { from { source-address { 192.168.30.0/24; } } then { routing-instance ISP2; } } } }followed by this routing-instances { ISP2 {...
View ArticleRe: Cant browse internet
Anand10 wrote:HI, What I meant was this:- firewall { filter PBR { term TRUST-ZONE { from { source-address { 192.168.30.0/24; } } then { routing-instance ISP2; } } } }followed by this routing-instances...
View ArticleRe: How to find newly created session from logs?
Hi, Check the session summary when you see the failed sessions increasing.The performance could be impacted depending the number of sessions hitting that policy as for each session created, a syslog...
View ArticleRe: Special SFP ... (40G->4x10G splitter cables)
Hi fab, an alternate solution (if the HP switch supports it) could be to use a QSFP -> 4 x SFP+ optical breakout cable. This cable gives you 4 x LC connectors which you can patch to other equipment....
View ArticleRe: Special SFP ... (40G->4x10G splitter cables)
Thanks JonasIndeed it would be better.But with a HP cable, because the QSFP+ port compatibility on HP Switch is even more risky to me .With Juniper sfp+ on SRX.Unfortunately such splitter does not...
View ArticleClik here to view.
Re: Site to site VPN routing problem
I hope , this picture helps understand what I mean.
View ArticleRe: Site to site VPN routing problem
Thanks you helping. But , I tested change remote office configset routing-options static route 0.0.0.0/0 next-hop st0.10set routing-options static route 193.168.135.253/32 next-hop 193.168.135.254...
View ArticleRe: Site to site VPN routing problem
Hello, Please confirm if the problem statment here is to route all the traffic from remote office to Main office through the VPN tunnel and nothing from the remote office should go directly on the...
View ArticleUnable to ping default gw from SRX240 cluster Node0 using fxp0
Hi I am having a problem with the out-of-band management (fxp0)It is connected to an access port on EX4300, from the EX the Management subnet is tagged onwards through the network(MPLS).I see in the...
View ArticleCertain sites being blocked.
We have a SRX 210 for some reason there are several sites that used to be allowed but are now giving being blocked due to ERR_SSL_PROTOCOL_ERR. How can I work around this issue.
View ArticleRe: Certain sites being blocked.
Do you have any IPS/AppSecure features enabled on the SRX210? If yes, anything in the logs? if not, then initiate logging on potential rules which are being matched for websurf. Initial thought was...
View ArticleRe: Special SFP ... (40G->4x10G splitter cables)
A solution could potentially be a cable like this: https://www.hpcoptics.com/721070-B21 - These SFP+ transceivers are just seen as ordinary SFP+ multimode optics. But you will have to take the risk of...
View ArticleClik here to view.
How to pass traffic through 2 VPNs
Hello, i wanna do thiis :I have a VPN Tunnel from "SRX2" to "Anything" and this tunnel works fine. The Lan from "SRX2" can reach the "LAN2". Also, i have a tunnel beetween "SRX1" and "SRX2". "LAN1"...
View ArticleRe: Interesting multi-subnet single LAN / DMZ disappearing issue.
1.) Where are your Juniper SRX(s) in the drawing2.) It looks like this would be the physical view, can you share a logical view as well? Are you saying that, from a logical point of view Webserver 1...
View ArticleClik here to view.
Simple nat not working
Hi Im coming for netscreen and cant figure how to do a simple nat... ive spent about 5 hours on this and cannot get it to work .... I want to forward port 2222 on the srx to 192.168.1.2 port 22 - YES...
View ArticleRe: Simple nat not working
Hi, Maybe the destination-address needs to be specified with an Internet zone IP address: delete security nat destination rule-set rs1 rule r1 match destination-address 0.0.0.0/0set security nat...
View Article