Clik here to view.
Unable to access MIP
Hi All, I've configured a MIP on Untrust Interface and created a policy as below. However I'm unable to access it from outside. This was working all while until last week when we changes the ISP to a...
View ArticleRe: Need Some help with a BGP Config.
Check this article out:http://kb.juniper.net/InfoCenter/index?page=content&id=KB13828&smlogin=true&actp=search The article mentions community strings, but if your peer only gives you...
View ArticleRe: HA configuration, the reason as alarm event ?
As long as you have alarm level events in your log, the LED will be on. Even if you've resolved all issues related to the messages you see, the LED will be on. Even when the events are expected and...
View ArticleRe: Unable to access MIP
You may need to enable Proxy ARP on eth0/0 for the MIP address.
View ArticleRe: Send Internet and Several Subnets down tunnel to hub, but not local traffic.
Yes, using source routing does send all the traffic down the tunnel. I missed the need for the SQL servers to route outside the tunnel. For policies, you will need to create at least two: untrust to...
View ArticleRe: Default route over VPN tunnel?
When the traffic from the remote site comes through the tunnel and then out to the internet, this will need to have NAT enabled for the internet access to work. From zone will be the tunnel interface...
View ArticleRe: HA configuration, the reason as alarm event ?
Looking at the log messages Ithink there is still an issue here. 2016-01-08 10:39:26 system crit 00015 Peer device 285184 in the Virtual Security Device group 0 changed state from init to primary...
View ArticleRe: Can the traffic flows well without NAT?
Ah..! Actually I configured its mode was "NAT".. Thank you so muchㅠ_ㅠ
View ArticleRe: HA configuration, the reason as alarm event ?
Steve, The PB (Primary Backup) state is normal -- http://kb.juniper.net/InfoCenter/index?page=content&id=KB5124&actp=search. All backup firewalls I've ever seen are in PB state. (With secondary...
View ArticleRe: HA configuration, the reason as alarm event ?
Thank you, @nikolay.semov Thanks to you, I kept up with the definition about Primary Backup. However, I'm confused after seeing the URL you linked. Basically, dual protocol is using just "2" devices,...
View ArticleRe: packet loss inside VPN tunnel, but not on outside between the two SSG's
External captures are going to be hard, I have no technical staff in Hong Kong and the SSG is directly connected to the fibre modem. (no taps or hubs)I am familiar with the snoop commando, but only in...
View ArticleRe: Initiate IPsec S2S VPN via L2TP IPsec W7 client
Hi againMaybe the answer is obvious by most of you but I needed to know so i did further investigations.So yes you can initiate an IPSEC S2S tunnel from an L2TP/IPsec tunnel.The issue was for me the...
View ArticleRe: HA configuration, the reason as alarm event ?
Indeed, the wording does suggest you can have more than two firewalls in a cluster, but I haven't seen a mock or real-world setup with more than two firewalls, so I can't speak to that. As for your...
View ArticleClik here to view.
Re: Unable to access MIP
Hi, Thank you rseibert and nikolay.semov for suggestions but issue is still not resolved. I have done packet capture on both WebUI and used debug as suggested. What I've noticed is that PING is working...
View ArticleRe: Unable to access MIP
If that's the case, your problem may be outside of the firewall.
View ArticleRe: HA configuration, the reason as alarm event ?
I've fixed the link to the article above and I'll include it here http://kb.juniper.net/InfoCenter/index?page=content&id=KB7726 This seems to indicate these messages are repeated when this setting...
View ArticleRe: HA configuration, the reason as alarm event ?
Thank you @nikolay.semov !!I think its syslog is not important when configuring HA kk Regards,
View ArticleRe: HA configuration, the reason as alarm event ?
Thank you @spuluka,I think it is not important when configuring HA. Regards,
View Article