SRX Next-Gen Firewalls

Not sure what else to suggest. I ran your commands on an old SRX cluster the certificates created just fine and I was able to access the web-management http/s without any trouble, unfortunately I couldn't test REST as this is a 12.x cluster and doesn't ...

Both files are present on both nodes, owned by root:wheel and I repeated the process after SSHing as the root user. No luck so far. ------------------------------ G H ------------------------------

Oh ... I don't think you need FBF at all. Both GW1 and GW2 instances need a route to 192.168.0.0/16 (or 192.168.50.0/24 as it were). You can make that static, or imported, however you can get it in there. When SRX looks up the reverse route back to ...

I've seen this happen when creating the certificates as a non-root user, even though the user account had super-user class access. Not sure if that is the case for you. But something I've seen in the past. Logging in as root and creating the certificates ...

our main FW cluster = our srx345 cluster of two devices. We use private address' with static destination nat We use 192.168. for internal and nat that to currently the 213 range, But we are at the stage now where we will start migrating customer services ...

Is "our main FW cluster" the SRX345 you're trying to configure or separate firewalls that are staying in place? If separate firewalls, what is the functionality you need from the new SRX that you currently do not have because you cannot mess with the ...

Hi Nikolay Thank you for helping. A bit more explanation You are correct i might be barking up the wrong tree entirely Our network is currently running off a managed service from our ISP (we can call this the 213 range) using a /24 range supplied by ...