SRX Next-Gen Firewalls

 View Only
last person joined: 4 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.


If you have a question or a use case, likely there are others who are experiencing or worked through the same thing. Don't hesitate to jump in and ask or share your knowledge!

Need additional guidance?  Check out these Juniper Resources.

Juniper Threat LabsSRX Upgrade Guide Security Advisories Technical Bulletins

Latest Discussion Posts

  • We will share the test results. SRX branch equipment does not support saving to ON-BOX (SSD) in stream mode. Junos OS 19.4 version supports on-box (ssd) storage in stream mode. To save on SSD, up to 100MB is possible with the settings below. traffic ...

  • Hi, Cannot see the path on my SRX300 which you mentions. Could you show me the screenshot or commands which can display trusted configuration? Thanks. ------------------------------ Tokumasa Sanada ------------------------------

  • The biggest issue I've seen is when you try to use both some zone and some global policy. the final policy in any zone to zone interaction is default deny silently. So if the traffic is seen as zone to zone and there is no policy for the match it will ...

  • Thanks a lot Nikolay. Very useful input. Anyone else know of any differences in feature for global vs sone policies? ------------------------------ Best regards Vidar Stokke ------------------------------

  • Until somewhat recently, you were a bit limited on what you could do with global policies as far as unified policies (using AppID) were concerned. With newer versions of JunOS, these limitations have fallen off. There may be other things that are not ...

    1 person recommends this.
  • Hi all. I got into a discussion with some colleagues here today. I would like to get your feedback on this. In Juniper SRX there are two different kinds of policies: zone specific policies: Here you need to use ONE source zone and ONE ...

  • Can you show the security -> zones -> trusted configuration? If it's set for factory defaults, then it's probably wide open - but let's make sure.

Unanswered Posts

Top Contributors in the Community