SSG with DLNA between VPN
Hello, We are installing Juniper SSG 320M in different sites, and configuring VPN GRE between them, also We are trying to send multimedia data, through the tunnel of the VPN, with DLNA without...
View ArticleClik here to view.
Re: SSG with DLNA between VPN
Please check if these will help. https://kb.juniper.net/InfoCenter/index?page=content&id=KB3256https://kb.juniper.net/InfoCenter/index?page=content&id=KB19954 Also, some important notes...
View ArticleThere is no bridge group interface on ISG 2000
We have an ISG 2000 firewall running 6.3.0r13b.0 that does not have a bgroup interface configure by default, nor have I been able to create one. We need this for a VPN connection, but I've spent a lot...
View ArticleRe: There is no bridge group interface on ISG 2000
Hi, Bridge interface is supported on the SSG Series of ScreenOS. Bridge Groups are new to ScreenOS starting with version 6.0. on the SSG firewall family. These represent a logical Layer 2 switch within...
View ArticleRe: There is no bridge group interface on ISG 2000
If you can add more on the requirement for this bgroup interface for VPN, we can help find the alternatives on ISG, Regards,Pradeep.
View ArticleRe: There is no bridge group interface on ISG 2000
Thanks for the responses. We're configuring a route-based VPN to Azure, and the configuration appears to utilize bridge groups.
View ArticleRe: There is no bridge group interface on ISG 2000
can you post a link or the provided sample configuration and we can help convert it to something compatible with the ISG.
View ArticleRe: There is no bridge group interface on ISG 2000
Hi, As per my knowledge, a bridge group is not a compulsory requirement for a route based VPN with Azure. Bridge group interface to the external world is just another interface with an IP configured....
View ArticleRe: SSG with DLNA between VPN
Hello, We can set the tunnel gre and We can pass traffic through the tunnel GRE, the only problem is that We cannot transmit multimedia data with dlna through the tunnel, so the clients at one end of...
View ArticleProblems bringing up policy-based VPN tunnel on ISG 2000
Our ISG 2000 is running 6.3. We were trying to get a route-based VPN set up to Azure, but we couldn't get that resolved, so now we're trying a policy-based VPN. It sure looks simple enough, but we...
View ArticleRe: Problems bringing up policy-based VPN tunnel on ISG 2000
This is a generic message, stating that the IKE negotiation is failing, and when it tries to retransmit, it fails. It repeats that cycle over and over. This is regardless of if you use route based...
View ArticleRe: Problems bringing up policy-based VPN tunnel on ISG 2000
The two most common reasons for this message are: the gateway addresses are not matching on both sidesconfirm that the ip address the SSG has for Azure and Azure for the SSG are correct The policy...
View ArticleSSG5 Can't access Akamai hosted websites
We have several sites behind SSG5 firewalls that are unable to access Akamai-hosted websites all of the sudden. No changes on our end. The clients will either get a timeout loading the page, no...
View ArticleRe: SSG5 Can't access Akamai hosted websites
We tracked this down to an MTU setting on the interface. Not sure why it suddenly started causing issues, but adjusting the MTU back to default (1500) and all of these sites start loading without...
View ArticleNeed help disabling SIP ALG on three legacy ScreenOS firewalls
We're in the process of deploying a cloud-hosted VoIP system (Metaswitch) across our enterprise (14 locations). For it to work correctly the only change required on our part is to disable SIP ALG. At...
View ArticleRe: Need help disabling SIP ALG on three legacy ScreenOS firewalls
You can just use CLI to disable. jtac-SSG5-r002-> unset alg sip enablejtac-SSG5-r002-> get algMSRPC ALG : enabledSUNRPC ALG : enabledSQL ALG : enabledSIP ALG : disabledRTSP ALG : enabledH323 ALG...
View ArticleRe: SSH Key Size-NS5200
Is there a way to verify the key size. I have a SSG-550M and SSG-2000
View ArticleHigh cpu with small amounts of VPN traffic
We're trying to offload VPN traffic from our main firewall with a ISG 2000 running 6.3.0r13b.0 which we pulled out of the closet. This is a route-based VPN, but even with a single copy process started...
View ArticleRe: High cpu with small amounts of VPN traffic
I forgot to mention this is for a 256-bit AES tunnel. The documentation states 1 Gbps for 3DES, which I'd guess is about the same for 128-bit AES. We have high CPU usage for around 2 Mbps, and the CPU...
View ArticleRe: High cpu with small amounts of VPN traffic
When you use 256 bit AES encryption, it is done in CPU. If you have fragmentation, that will also increase the CPU load.
View Article