Recent Posts

Pages: [1] 2 3 4 5 6 ... 10
1
SRX Platform and J-series / ssh access from outside
« Last post by akula on April 15, 2018, 09:27:57 pm »
Hello,

A security policy allowing junos-ssh from outside to a server internal has been created.
But, srx 550 does not seem to allow this particular traffic on port 22 when traffic is initiated from outside.

This is not to allow management access , it is to allow users to access this server on port 22.
traffic can still be seen to same destination ip on different ports, if tested.
Please suggest. Thanks.
2
Routers / allow port in SRX-300
« Last post by SEBI on April 09, 2018, 11:38:01 pm »
New to SRX-300 Juniper configuration.  There are many great tutorials out there and learning every day.
So this question may be very basic (apologize). Looks at some videos but rather confusing with rules, pools, applications...etc
I have a port 12345 (in the trusted side) that needs to be access by the  untrusted side. 
Can anyone provide a sample or steps via CLI to do this.
greatly appreciated
3
Routers / can I set up DNS domain searching on Juniper SSG5
« Last post by KD7VEA on March 26, 2018, 12:56:20 pm »
I have a private network that I connect to that i would like name resolution to work on.  basically, I want to send all traffic with the .local.mesh domain out to 192.168.1.200(this is my private network access point) and have everything else still point to my local ISP DNS, or 8.8.8.8.  In my old untangle router, I could set it so that anything with .local.mesh was set to Next hop of 192.168.1.200.  this worked great, but I cannot figure out how to set this up on the SSG5.  What I want to have is the main Mikrotik core router will point to the SSG5 as the primary DNS, and the SSG5 will then handle the .local.mesh traffic by passing it to the .local.mesh Access point.
4
SRX Platform and J-series / Security Policiesto allow specefic
« Last post by dtawk on March 21, 2018, 07:52:18 am »
Dear All,

I am new to Juniper and I am facing an issue with my SRX.
I have added a security policy in which i have allowed access to specific IPs from the outside, but I was surprised when I discovered that the policy is not applied and the access is open to ANY.

Can you help please.

set security policies from-zone Out to-zone WAF-WAN policy his-bi_out match source-address ICT_TEAM
set security policies from-zone Out to-zone WAF-WAN policy his-bi_out match destination-address srv_his-bi-group_out
set security policies from-zone Out to-zone WAF-WAN policy his-bi_out match application junos-https
set security policies from-zone Out to-zone WAF-WAN policy his-bi_out match source-identity any
set security policies from-zone Out to-zone WAF-WAN policy his-bi_out then permit
set security policies from-zone Out to-zone WAF-WAN policy his-bi_out then log session-init
set security policies from-zone Out to-zone WAF-WAN policy his-bi_out then log session-close
set security policies from-zone Out to-zone WAF-WAN policy his-bi_out then count

5
JunoSpace / Re: Junos Pulse 2.0
« Last post by lab4ccie on March 20, 2018, 02:59:34 am »
Pass your Juniper JNCIE-SP Lab by Lab4ccie JNCIE-SP Workbook. We provide you Juniper Networks Certified Internet Expert Lab Workbook with authentics JNCIE-SP Lab Dumps. Lab4ccie is the best source to prepare and pass the Juniper Lab on the first attempt. Don't be wasting your time and money just visit us today and get JNCIE-SP Lab Workbook and JNCIE-SP Exam Dumps.
6
Hello All,

I need some help with SRX firewall.
Currently, there is a security policy with some ports or application being used in it.
Another service (tcp-5210) needs to be added to it.
I created a custom application named tcp-5210 & did a commit , which was successful.
(i verified using sh application application command)

I need to get following clarified as i am doing juniper again after long gap.

How do i add this new port into the existing security policy without removing any other in-use application or ports?
I tried using insert application under the {edit security policy options}. But i fail to see my newly created tcp-5210
as an option under the applications. I do see all the other existing ports on it.

Appreciate if someone could please help me with this.


[security policies]
from-zone inside to-zone outside {
    policy apps {
        match {
            source-address any;
            destination-address host_public;
            application tcp_port_5000;tcp-2122,tcp-4244,tcp-65730
        }
        then {
            permit

For some reason, i wasn't able to see tcp-5210 as an option when i was under edit mode to add it to the policy.
I want to add newly created tcp-5210 on to this policies application without deleting any of the existing other ones.
Appreciate all help. Thanks.
7
Hi,

i have the same Problem Win10 v1709 on IE11.
Have try the solution from kamranicus but without success.
Are there any other ideas?
8
Switches / Три + интернет
« Last post by Ismaellaurn on March 07, 2018, 06:40:00 pm »
Некогда воспользовавшись интернет-сервисами доски объявлений, вы навряд ли вернетесь к традиционным расклейкам в общественных местах иначе скромным газетным заметкам. Для новичков приведем три основных плюса интернет-объявлений.
https://racoonda.ru/
9
Routers / Normaten отзывы
« Last post by StephenZex on February 13, 2018, 08:45:12 am »
Кого интересуют отзывы о норматен http://pronormaten.ru/otzyvy/7-normaten-realnye-otzyvy-lyudey.html
10
Switches / Re: EX3300 12.3R6.6
« Last post by shisheert on February 13, 2018, 12:20:20 am »
Hii ..

please check the priority of switches.

Put the highest priority for your master switch(connected to uplink) and go on.

e.g.
{master:0}[edit virtual-chassis]
admin@juni_switch1# show
no-split-detection;
member 0 {
    mastership-priority 250;
}
member 1 {
    mastership-priority 245;
}
member 2 {
    mastership-priority 240;
}
member 3 {
    mastership-priority 235;
}

Hope it will help you.


Pages: [1] 2 3 4 5 6 ... 10