Elevate

Welcome to the Juniper Elevate Community

hero image

Featured Post

Promoted

Promo tile background

Check out the new TechPost 

Bits and Bytes Articles on Automated WAN Solutions, from Network Engineers to Network Engineers.

Browse Posts

Latest Discussions

  • Posted in: Routing

    From 19.4, go via 20.4R3 to 21.2R3-S8. ------------------------------ Olivier Benghozi ------------------------------

  • Posted in: SRX

    I have tested the above configuration and it gives me the following error after loading the set: [edit security policies from-zone WORK to-zone LAN] 'policy ALLOW_DNS_1' warning: Destination address or address_set (192.168.10.110/32) not found. Please check if it is a SecProfiling Feed. *from-zone ...

  • Posted in: SRX

    Yes, that looks alright. ------------------------------ Nikolay Semov ------------------------------

  • Posted in: SRX

    Great Nicolay! The above works very well! Thank you for your help. If I was to add another rule for let's say maybe a local DNS server, could I just do something like this: #Set a group to allow access to a local DNS server set groups GROUP_ALLOW_DNS security policies from-zone <*> to-zone <*> ...

  • Posted in: SRX

    Mhmm, yep. ------------------------------ Nikolay Semov ------------------------------

  • Posted in: SRX

    So that means I could put all of the above source nat rules into a simple block like so: ? set security nat source rule-set SOURCE-NAT-TO-WAN from zone [LAN IoT GUEST WORK] set security nat source rule-set SOURCE-NAT-TO-WAN to zone WAN set security nat source rule-set SOURCE-NAT-TO-WAN rule ALLOW_ALL_SOURCE_ADDRESSES ...

  • Posted in: SRX

    Yes, apply-groups GROUP_ALLOW_ALL, but yes, either way is fine. You can even mix the two if you like, though keep in mind that if you have a matching zone-based policy, it will take precedence over global policy. As for NAT, I'm not sure why the difference; I guess if you look at it on its own, it's ...

Latest Articles

  • Posted to: TechPost Blogs

    In modern MPLS networks, managing traffic flows with precision is essential for maintaining performance and reliability. RSVP-TE provides a robust framework for establishing traffic-engineered paths that align with specific resource requirements. As network conditions fluctuate, static bandwidth reservations often fall short. To address this, dynamic ...

  • Posted to: TechPost Blogs

    There has been a lot of interest recently in Large Language Models (LLMs). One of the major applications of LLMs is conversational AI that enables natural language interactions between people and chatbots. In this article we’ll talk about LLM Connector, which is a chatbot within Routing Director that leverages LLMs. This article has been prepared ...

  • Posted to: TechPost Blogs

    While destination-based forwarding works well for most traffic, certain services require more tailored handling – such as routing based on source’s IP or DSCP values. Leveraging alternative traffic-engineered (TE) paths for such flows enhances network flexibility and creates a compelling business case. Introduction “All animals are equal, but ...

Top Contributors of the Week