SRX Next-Gen Firewalls

Latest Discussion Posts

  • Hi! Experts Sorry for disturbing, I want to confirm will SRX550M antivirus engine works offline? it seems SRX550M only have sophos antivirus engine presently and I found some words in Juniper KB: "Sophos antivirus uses a small set of data files that ...

  • I just figured it out! It was the IKE ID's. I was getting this error in the kmd logs: IPSec negotiation failed with error: Peer's IKE-ID validation failed during negotiation Because this is an AutoVPN, it needs to use certificates for authentication. ...

  • Thanks for the suggestion. NAT-T is on by default, and I haven't disabled it

  • Profile Picture

    RE: One-sided IKE SA

    Do you have nat traversal on in the configuration? This is required when the gateway interface address is behind a nat. ------------------------------ Steve Puluka BSEET - Juniper Ambassador IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet ...

  • Naturally with cross vendor connections you need to be extra careful in matching all the phase 1 and phase 2 settings. But these are the SRX side configs for route based vpn with ikev2. https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-vpns-for-ikev2.html ...

Announcements

  • Welcome! How to Navigate the New Site

    Welcome to our new Juniper community! Please pardon our dust as we put the finishing touches on our new site over the next few days. A few tips: 

    1. To explore communities, select Communities in the navigation. Keep returning there to navigate. 
    2. When you log in, be sure to complete your profile and join communities to subscribe.
    3. Check out the FAQ to answer any questions. 

    We're glad you're here!
Current Members
111 Members
Hidden Member
community Admin
community Admin
Hidden Member