Re: UDP flood! From Google
You need not to block the specific IPs, rather configure the screen feature to prevent such attacks. see the below KB for more details:...
View ArticleRe: UDP flood! From Google
The udp fllod protection and some other things are already set up.So the generated alarms are just for info ?
View ArticleRe: UDP flood! From Google
Yes, Screening has taken care of the UDP flood. Just make sure the threshold values are tuned correctly. Thanks,Vikas
View ArticleRe: Need assistance with multiple Plex servers behind SSG-5
Set up a VIP. http://kb.juniper.net/InfoCenter/index?page=content&id=KB4740
View ArticleDoes InfrAuth have the same issue as WebAuth and UserAuth?
Hello all We know that there is an issue when using WebAuth or UserAuth if you have multiple users connecting to a resource behind the firewall from the same source IP. Scenarios where multiple users...
View ArticleClik here to view.
Re: Does InfrAuth have the same issue as WebAuth and UserAuth?
To have control on each users in Citrix environment, I believe you need a device which could read the IPORT and authenticated users mapping from the Citrix server itself and then push the same to...
View ArticleRe: Does InfrAuth have the same issue as WebAuth and UserAuth?
Probably, you can explore Virtual IP for Per Session/application feature of Citrix to see if this meets your requirement. Thanks,Vikas
View ArticleRe: Does InfrAuth have the same issue as WebAuth and UserAuth?
Infranet auth does have the same issues as webauth and userauth.
View ArticleNewbie question on Untrust IP range
L.s. Until yesterday, I was stuck with a dynamically assigned IP address from my ISP.All was working well with my SSG5. Yesterday, I moved to a new place and my new ISP assigned me a /29...
View ArticleRe: Newbie question on Untrust IP range
Do you have actual IPs up in the network which are mapped the public IPs? Please try http://kb.juniper.net/InfoCenter/index?page=content&id=KB10923&actp=search and make sure verythng is...
View ArticleRe: Newbie question on Untrust IP range
As PJdHaan mentions, the MIP passes the request on to the mapped ip address range you selected in the MIP object and the firewall itself does not respond. And in addition to the MIP you also need a...
View ArticleRe: Newbie question on Untrust IP range
Hi, Thanks for the read! It seems to work now: with the MIP and Policies in place (without the DIP), traffic flows to the 107 and 108 addresses.It required a reboot to fully remove an old dynamic...
View ArticleRe: Newbie question on Untrust IP range
Sorry, I had not read the second reply yet:I'll add a Policy that allows ICMP traffic and see if that does it.
View ArticleRe: Phase2 failure message with there was preexisting session from the same peer
I also try to solve the problem with intra-zone policy permit but the problem is same too.............Any more solutions?
View ArticleRe: routing fro juniper to PfSense.
Hi Gokul, Yes Im able to connect to LAN1 and LAN2 .. both able to access the internet. I just setup auto configure for NAT on PFsense regard,Hazly
View ArticleClik here to view.
Policy Using IP address
Hi all, It is possible to set a policy to allow connection from 172.16.25.13 to 172.16.30.7 but reject connection to 172.16.30.6 ,and allow connection from 172.16.25.3 to 172.16.30.6 but reject...
View ArticleRe: Policy Using IP address
There could be two thing:1: Probably your policy address has ip with /24 subnet. Please be specific with /32 IP in policy address, if you want to control single hosts.e.g set address Trust "test"...
View ArticleRe: Policy Using IP address
KB https://kb.juniper.net/InfoCenter/index?page=content&id=KB15074&actp=search is for site-site VPN, and can be ignored. rest of the expectations still hold good.
View ArticleRe: Policy Using IP address
Hi Mr Vikassingh, Thank for the solutions. I totaly mislook on /32 subnet, it totaly cleared that already have default ip address with /32 subnet.now Im the policy is working. Thanks A lot. regards,hazly
View Article