Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
If you have a question or a use case, likely there are others who are experiencing or worked through the same thing. Don't hesitate to jump in and ask or share your knowledge!
Need additional guidance? Check out these Juniper Resources.
Ask AI Juniper Threat Labs SRX Upgrade Guide Security Advisories
Thanks very much good sir! I was under the impression that intra-zone traffic would be allowed through. Thanks for setting me straight. :)
Hi, Could the packets be fragmented by an intermediate device/router as well, since TCP MSS has already been set to 1300 and assuming MTU on the SRX egress interface is default? Also, just to confirm the fragmented packets seen on the remote side ...
Hi Arix, Here are two interesting documents, you might want to look at them as well for df bit and fragmentation issue on traffic over VPN. https://rtodto.net/ipsec-tcp-mss-df-bit-and-fragmentation-in-srx/ <<This article has been archived ...
Hello! You need a security policy from zone ABC to zone ABC to allow the traffic. Technically the ping is transit traffic first with lo0 as the outgoing interface, so you need a policy. The the ping loops back in and hits the host-inbound rules for the ...
This message was posted by a user wishing to remain anonymous As per the topology in the attached image, I have configured a simple lab with two vSRX in EVE-NG. I can ping the other end of the ge-0/0/0 link, but I cannot ping the loopback address of ...
Reviving post! ------------------------------ Adrian Aguinaga B.S.C.M. I.T.T. Tech (Construction Management) A.A.S. I.T.T. Tech (Drafting & Design) ------------------------------
Perhaps it would be more fruitful to request some sort of written statement through your Juniper account team? ------------------------------ Nikolay Semov ------------------------------
Complete this three-question survey to help us identify where you are in your upgrade journey.