SRX Next-Gen Firewalls

 View Only
last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Welcome!

If you have a question or a use case, likely there are others who are experiencing or worked through the same thing. Don't hesitate to jump in and ask or share your knowledge!

Need additional guidance?  Check out these Juniper Resources.

Juniper Threat LabsSRX Upgrade Guide Security Advisories Technical Bulletins

Latest Discussion Posts

  • While the link could operate at multiple speeds, the module itself is still SFP+, so not working in an SFP slot. Also, see https://apps.juniper.net/hct/model/?component=JNP-SFPP-10GE-T&tab=oView. The SRX is not listed as support platform for this module. ...

  • This message was posted by a user wishing to remain anonymous Hi All, I am trying to connect port GE-0/0/12 to port GE-0/0/12 and Port XE-0/0/19 to port xe-0/0/19 of two SRX1500 using JNP-SFPP-10G-T and rj45 cable. Its okay with XE ports but GE ...

  • HI Tokumasa. Please refer to following datasheet for control link , fab link and management connection to be followed for srx3XX platforms https://www.juniper.net/documentation/us/en/software/junos/chassis-cluster-security-devices/topics/topic-map/security-chassis-cluster-verification.html ...

  • Hi all, I am new to Juniper firewall. Currently, I want to configure HA on my both SRX300s. If I want to configure basic HA, which two ports are required to connect to another one SRX300? Do I need to connect to the ports of same place on another one ...

  • I usually use d-nat for inbound traffic and I've had situations where it would have been nice to have the d-nat pool entry be dynamic, but no the matched address. I'm curious, what is your use case? ------------------------------ Nikolay Semov ---- ...

  • I have an old config from a Cisco ASA which is here: interface Dialer1 ip address negotiated ip mtu 1452 encapsulation ppp ip tcp adjust-mss 1412 dialer pool 1 dialer-group 1 ppp mtu adaptive ppp authentication chap callin ...

  • Unfortunately, I think this is expected behavior. That is, native-vlan-id tells the device what to do with incoming untagged frames, but doesn't tell it not to tag outgoing frames on that vlan. That's counterintuitive and a bit silly, in my opinion, but ...

    1 person recommends this.

Unanswered Posts

Top Contributors in the Community