SRX Next-Gen Firewalls

 View Only
last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Welcome!

If you have a question or a use case, likely there are others who are experiencing or worked through the same thing. Don't hesitate to jump in and ask or share your knowledge!

Need additional guidance?  Check out these Juniper Resources.

Ask AI Juniper Threat Labs SRX Upgrade Guide Security Advisories

Latest Discussion Posts

  • We have a Juniper SRX320 that I was trying to upgrade to the latest Junos 24.4, but has given errors during that process. It was functional running 20.2R3-S2.5 with a basic config to allow network connectivity and ssh access. Following TSB92728 , ...

  • For the traffic to use the vpn connection the source and destination addresses have to be setup as allowed by the VPN configuration. And the routing on both sides of the tunnel also has to select the tunnel as the destination for that traffic. Is ...

  • Not at all. I'm simply pointing out a DDoS mitigation feature in the SRX. I just don't have the hard numbers you're seeking to draw a conclusion one way or the other. ------------------------------ Nikolay Semov ------------------------------

  • Nikolay Semov, I have reviewed your message. From your correspondence, I understand that you have doubts about whether the SRX4600 device can provide effective protection against DDoS attacks. Thank you for the document you shared. Indeed, you've provided ...

  • An interesting relatively recent feature related to DDoS mitigation, should you end up going with the SRX: https://supportportal.juniper.net/s/article/SRX-About-drop-flow ------------------------------ Nikolay Semov ------------------------------

  • Thank you for your insights, Nikolay Semov. I'm fully aware that a 30-second timeout for tracking SYN packets is quite excessive, and I do intend to progressively reduce this value. The SRX4600, from a technical standpoint, supports stateful inspection ...

  • I'm trying to configure syslog traffic to a syslog server on a different location over a VPN connection I can see that the syslog traffic is being generated on the ge-0/0/0.1 (Untrust zone on my firewall) how can I set up so the syslog traffic is ...

Announcements

  • Tell us if you've upgraded or if you need help upgrading!

    Complete this three-question survey to help us identify where you are in your upgrade journey.

Unanswered Posts

Top Contributors in the Community