Re: Basic BGP Configuration
BTW, if I need to advertise a block a /28 network to my BGP neighbor so they'll advertise it out can I just use this: FW(untrust-vr)-> set protocol bgp FW(untrust-vr/bgp)-> set network...
View ArticleRe: Basic BGP Configuration
In addition, you will also need to create the appropriate route map and apply this to the neighbor. Also bear in mind that an import policy on the neighbor can prevent routes from being learned as...
View ArticleRe: Source NAT two private IPs through route based VPN
Hi, 1. Right, the routes point to tunnel.1 and tunnel.2 interfaces. 2. I see in traffic log addresses 70.20.220.30 and 70.20.220.35 NATting as 70.20.219.1 but packets do not reach the target host on...
View ArticleClik here to view.
SSG5 reboots all the time
HiMy SSG5 reboots all the time. Every time after loading it reboots. Start...
View ArticleSSG5 config and NAT behind router
I have an SSG5 that has been plugged into cable modem, receiving an address from ISP via DHCP. Inside network gets NAT"d to external interface on juniper for internet traffic, so inside trust interface...
View ArticleRe: Source NAT two private IPs through route based VPN
If the policy logs says the traffic is NAT-ed then it is not a NAT issue. So, the intent here is to send traffic throguh VPN, but NAT the source with e0/0 interface IP?It may fail on the other side due...
View ArticleClik here to view.
Re: SSG5 reboots all the time
Hi Marcin, But after turn off from power it doesn't start normally again. Do you think it's time to change device to new one? Can you share the complete bootup log?
View ArticleRe: SSG5 config and NAT behind router
Yes, what you have mentioned will work. Double NAT won't be an issue. I assume you are not planning to implement any access list or IP based traffic filtering on the router - because the router will...
View ArticleRe: SSG5 reboots all the time
Complete bootup log after plugging into the power:Juniper Networks SSG5 Boot Loader Version 1.3.2 (Checksum: A1EAB858)Copyright (c) 1997-2006 Juniper Networks, Inc. Total physical memory: 256MBTest -...
View ArticleRe: Apple iPhone/iPad VPN to ScreenOS - now possible!
Hi, I updated my PDF document, with test connection that is using IKEv2 with username/password authentication. Freeradius server is used for external authentication, but similar can be done using any...
View Articledebug flow basic on tftp?
Hello guys,i had problem with isg2000 but the noc people of my company just rebooted the machine without take any log so i do not know what exactly happened, they aren't ablet to access the firewall.If...
View ArticleRe: Apple iPhone/iPad VPN to ScreenOS - now possible!
Hi there, I'm going to add this to our Security TechWiki as well. Thank you so much!
View ArticleSSG520 intermediate gateway route across WAN
I have a straight internet connection at a remote office where my ISP gave me a few subnets, but routed them through a single /30 gateway. I now want to start a new gigabit internet connection at a...
View ArticleRe: Apple iPhone/iPad VPN to ScreenOS - now possible!
Great work.. keep it up! Kudos for all the hardwork and for sharing it with the community.
View ArticleRe: debug flow basic on tftp?
Hi Andrea, It is possible.Does your current script get triggered every 30 minutes - run the get commands - exit //or// is it always ON, with the Get commands run in a loop every 30 minutes? I would...
View ArticleClik here to view.
Re: SSG5 reboots all the time
More likely a hardware issue. Does not look like a crash, because a crash would print the dump on console. Anyhow, when you are able to get into the firewall CLI, check the output of 'get log sys save'...
View ArticleTime Warner Business Class (TWBC) slow speed
Hi, I've had two sites, SSG-5 running in both locations, upgraded to TWBC - one at 300 mbps down/20 mbps up and second at 50 mbps down/5 mbps up and, in both cases, the speed tests done from a laptop...
View ArticlePhase2 failure message with there was preexisting session from the same peer
hi all, I have a problem in phase2 when I trying SSG550M (screenos 6.2) as hub and srx100 (junos12.1) as spokes. The message is there was preexisting session from the same peer. I also change soft...
View ArticleRe: Phase2 failure message with there was preexisting session from the same peer
Hi, Does this issue happen during Phase-2 rekey or the VPN doe not come up even for the first time?If modifying the soft lifetime buffer did not help, you can try clearing the VPN session...
View ArticleRe: Time Warner Business Class (TWBC) slow speed
You are right that the interface is a 100mbps (Theoritical), but 1.7mbps is very low. Some parameters worth checking: 1. The duplex settings on the SSG interface connecting to the ISP MODEM and the...
View Article