Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
Bits and Bytes Articles on Automated WAN Solutions, from Network Engineers to Network Engineers.
Browse Posts
Policy: MS_DYNAPP, action-type: permit, services-offload:not-configured , State: enabled, Index: 25 0 Policy Type: Configured It seems that the KRB5 dynamic application only allows UDP. However, Kerberos can operate over both UDP and TCP. Looks like Juniper isn't aware of this :)
You can also use show security match-policies to check what policies get applied. Reference: https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/command/show-security-match-policies.html ------------------------------ Nikolay Semov ------------------------------
I haven't used it for JSC specifically, but generally NPS works fine with JunOS. Since you're getting rejections from the NPS, check its logs to see if you can see any clues for the rejection. You can also experiment with the authentication methods on the Constraints tab of the policy that's supposed ...
That's surprising. I have a 340 which did raise a minor alarm about this not too long ago. If you have auto-snapshot enabled, though, you wouldn't get an alarm. ------------------------------ Nikolay Semov ------------------------------
Hi All, I am trying to upgrade our SRXs from version 15.1X49-D170.4 to version 19.4R3-S3 as it seems to be the recommended upgrade path from Juniper.net: <https://www.juniper.net/documentation/us/en/software/junos/srx-upgrade/topics/concept/upgrade-paths.html> ...
Hi, Does anyone already faced one issue related to SRX300 sending malformed BGP OPEN messages, without marker, type and so on. We only see the following pattern in the TCP payload: 12 03 AB CD. These packets cause the remote peer to drop the connection due to Synchronization Problem. The SRX is ...
I use this policy to allow users to authenticate in the Windows domain : policy MS_DYNAPP { match { source-address any; destination-address [ DC1 DC2 ]; dynamic-application [ junos:LDAP junos:CLDAP junos:NBNS junos:MSRPC junos:SMB junos:KRB5 ]; } then { ...
High-level functionality description of BIER as MVPN provider tunnels in the upcoming release of PTX Express 5. Introduction In Cheers! Have a BIER , we explained how BIER [RFC8279] works and how it has come to a prime time for BIER deployment with the hardware capabilities from several major vendors across the edge/access/core platforms. ...
What does differentiate the ACX7024X from the ACX7024 devices? In this short article, we will explain the differences and the motivation behind the creation of this new router. Introduction We launched the ACX7024 in mid-2022, with the following characteristics: 1RU Ethernet router. Built for the aggregation of SFP ...
Using Juniper vSRX on hardware with constrained resources, typically a mini-PC serving as flexible Internet gateway. Those are lately very popular due to low footprint yet with capabilities making them suitable for running virtual machines. Introduction At very minimum, a mini-PC is tool for engineers to have x86 based SRX ( vSRX ) at home ...
We’re all about connections, so make it easy for you to hop over to your favorite social channels.
Collaborate on Juniper projects with developers worldwide.
See more
Use pre-built topologies to explore our products and solutions—all for free.