SRX Next-Gen Firewalls

You configuration seems exactly like the sample. Could you try the connections both inbound and outbound and see what sessions exist using show security flow session source-prefix show security flow session destination-prefix These will confirm ...

Hello, Can you try out the below option and get me the output ? >show security match-policies from-zone <> to-zone <> source-ip <> destination-ip <> source-port 10.1.10.6 destination-port <> protocol 6 >show security nat static rule all Also, did ...

Next step would be to see SSL_PROXY errors in the log files. If you're logging to external syslog server, grep SSL or SSL_PROXY if recall. If not, then you will need to enable tracing for SSL_PROXY and view errors. Once you see what's happening, I ...

I'm trying to route from a public IP to an internal web server, but it doesn't seem to be passing http traffic, here's what I have: set security nat static rule-set web1 from zone internet set security nat static rule-set web1 rule web1 match destination-address ...

I have a self-signed CA certificate with key that is trusted at all our clients. I imported it to the SRX: request security pki local-certificate load certificate-id CA2031 filename /var/tmp/ca2031.pem key /var/tmp/ca2031.key passphrase xxxxxxxxx It's ...

That's interesting, I also run forward transparent proxy, but have not found a solution that will run on IoT devices or any device I cannot import CA certificate on. If you could share the TLS certificate setup and how it works, it would be appreciated. ...

Hi , I don't wanna create new discussion, so I will ask here. I have 2SRX in cluster (node0 and node1) this is connected to EX in VC. I don't have LAB, so I don't have option to try it... Now I have one link from NODE0 to first EX let say 0/0/1 ans ...