SRX Next-Gen Firewalls

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Welcome!

If you have a question or a use case, likely there are others who are experiencing or worked through the same thing. Don't hesitate to jump in and ask or share your knowledge!

Need additional guidance?  Check out these Juniper Resources.

Juniper Threat LabsSRX Upgrade Guide Security Advisories Technical Bulletins

Latest Discussion Posts

  • Ben, take a look at the doc I linked to before. In that example config, native-vlan-id is specified outside of unit 0, under vlan-tagging. I hope that helps, sorry, I'm not in a position to test it right now. ------------------------------ Nikolay Semov ...

  • Yep - that's what I'm saying. And while "native-vlan-id" doesn't cause errors, when you look back at the config you see: ge-0/0/3 { unit 0 { family ethernet-switching { interface-mode trunk; vlan { ...

  • I don't have a box running 22.4, but are you saying "native-vlan-id" is no longer valid in the config? I read the doc article saying "without native VLAN ID" to mean the packets going out without a VLAN tag, rather than removing the "native-vlan-id" ...

  • I also see this kind of nonsense: 64 bytes from a.b.c.d: icmp_seq=0 ttl=126 time=38.658 ms 64 bytes from a.b.c.d: icmp_seq=1 ttl=126 time=37.179 ms 64 bytes from a.b.c.d: icmp_seq=2 ttl=126 time=36.111 ms 64 bytes from a.b.c.d: icmp_seq=3 ttl=126 time=35.122 ...

  • Assuming you have the default internet security policy which is: set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any set security policies from-zone trust to-zone untrust policy trust-to-untrust ...

  • Very strange, indeed. Two possibilities come to mind, noth unlikely: 1) you have a somehow non-default image where the root password has been configured already, or 2) somehow the system is reading an extra character when you press Enter for the password ...

  • I have seen the same with a 340, though not that extreme. When you ping from a computer, your pings traversing the firewall stay in the packet forwarding engine and get processed as fast as possible. When pinging from the firewall itself, you're involving ...

Unanswered Posts

Top Contributors in the Community