SRX Next-Gen Firewalls

 View Only
last person joined: 3 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Welcome!

If you have a question or a use case, likely there are others who are experiencing or worked through the same thing. Don't hesitate to jump in and ask or share your knowledge!

Need additional guidance?  Check out these Juniper Resources.

Juniper Threat LabsSRX Upgrade Guide Security Advisories Technical Bulletins

Latest Discussion Posts

  • Profile Picture

    reboot reason

    I would like to know why this device rebooted Sometimes the SRX reboots. The boot reason is given in the form of a code But I don't know the details. Juniper does not provide documentation on the boot reason codes Does anyone ...

  • I will try that Thank you ------------------------------ LUIZ CASTILHO ------------------------------

  • The RA clients shouldn't overlap with your other subnets. They're fine on 10.10.x.x. It's just that your remote SRX has no idea how to reach them. On the second question, yes, I think so. Seems easier to me. You have to add route to 10.10.x.x on the ...

  • Thank you for the answer So my clients should be on the 140 or 144 network? also you are recommending to setup the site to site VPN to be route base? ------------------------------ LUIZ CASTILHO ------------------------------

  • This is all being done on the SRX using the JunOS built-in method for handling ACME/LE certs. I have a ticket open with Juniper now... so they can figure out what broke. (I've literally followed the step-by-step out of the knowledgebase that got me ...

  • The client side does not use the machine cert store. You need to add the cert chain to the app, see: https://www.juniper.net/documentation/us/en/software/secure-connect/secure-connect-user-guide/topics/topic-map/overview-juniper-secure-connect-client.html ...

  • If you're manually copying cert files to the SRX, have you tried including the entire certificate chain (device cert, intermediate cert, root cert) in the file as opposed to just the device cert? I don't remember what order they were supposed to go in ...

Unanswered Posts

Top Contributors in the Community