SRX Next-Gen Firewalls

 View Only
last person joined: 3 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Welcome!

If you have a question or a use case, likely there are others who are experiencing or worked through the same thing. Don't hesitate to jump in and ask or share your knowledge!

Need additional guidance?  Check out these Juniper Resources.

Juniper Threat LabsSRX Upgrade Guide Security Advisories Technical Bulletins

Latest Discussion Posts

  • Hi, Junos 22.4 supports ACME/Let's Encrypt. Prior scripts were needed (and still may for purposes like reverse TLS proxy). Karel ------------------------------ Karel Hendrych ------------------------------

  • If I follow your configuration correctly it looks like you are trying to link different vlan id between the two SRX. For this we would apply vlan retagging to change the vlan between the devices. An example is here. https://supportportal.juniper.net/s/article/How-to-configure-VLAN-retagging-translation-for-transparent-mode-chassis-cluster?language=en_US ...

  • I personally think the code is better placed in the irb of the srx550 and less code in the vlan. Making it match with more balance. I will try this but crashing the srx550 is a fear. Advice is important. It did work but I ...

  • I don't follow how the two SRX are connected that is causing the problem. The link between them can connect a vlan. For the vlan to work the two ports would need to be configured either both access and in the same broadcast domain or both trunk ports ...

  • I already have a LetsEncrypt setup running and doing certs for a given domain. While distributing certs to various servers, I'd also like to push them to the local SRX firewall. I can't find any KB articles that might describe setting this up. Would ...

  • I'm in a situation where I at one time had my srx300 and srx550 connected. They do connect still, but internet traffic drops. The reason I am pretty sure, that it drops, is because the main block of code, protocol and all, are on the ...

  • Yea, I see that. But in the meantime before upgrading. What a pain. In fact, I just had a client call me today with what could have been a broadcast storm on their network from a possible loop. (not the fault of the SRX300 though. Someone added some ...

Unanswered Posts

Top Contributors in the Community