SRX

 View Only
last person joined: 16 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  SRX VPN licenses

    Posted 11-02-2016 01:51
    Hello

    I'm thinking of getting a SRX240 or 300 for my lab for JNCIA preparation as well as for replacing my pfSense gateway box.

    Not sure though how the VPN licensing is with those SRX you find on ebay.

    Is there a limit of number VPNs between two SRX boxes? Just read that the number of dynamic client is 2.

    Also...is there a known Unix client/server which can act as client/endpoint?



  • 2.  RE: SRX VPN licenses

    Posted 11-02-2016 02:24

    HI davorin,

     

    there is no license limitations on site-to-site VPN connections. The license limitation is regarding VPN clients (dynamic vpn). You get 2 concurrent connections included in the base system and can purchase extra if needed. In your setup I don't expect that to be a problem 🙂

     

    You can possible use openvpn on Linux to emulate a site-to-site connection and Pulse Secure (the client used for dynamic VPN) can be found in a Linux version.

     

    I hope this answers your questions.


    #SRX
    #dynamicVPN


  • 3.  RE: SRX VPN licenses

    Posted 11-02-2016 03:21

    Ah that is great to know 🙂

     

    Which would be a better box to use as I see both the SRX240 and SRX300 close in pricing on ebay...

    though I like the fact theSRX300 comes with 2 SFP slots...

     

    Think the SRX240 won't support JunOS higher than 12.1?

     

     

     



  • 4.  RE: SRX VPN licenses

    Posted 11-02-2016 04:09

    The SRX240 platform has been announced end of life so no new features will show up. Buying a SFP-module for the SRX240 will be very pricy as well so I would recommend looking at the SRX300 - and as a lab/test firewall it is good that the SRX300 is fanless 🙂

     

    Please note that you cannot buy support when buying second hand and that way get the latest software updates for the SRX300... and you need the latest version to get a stable platform as the initial releases was quite buggy 🙂