Re: Creating a New Interface Port - SSG140
This did work, I am able to ping Google's IP and DNS with DNS entries in the server! Thank you much!!!!! Just to confirm I assume that if I have only set a policy to have the new zone (R&D) to the...
View ArticleRe: Creating a New Interface Port - SSG140
That is correct. However, if the person goes out to an infected site, then the virus is going to come in. It will however not allow connections initiated from the untrust to R&D.
View ArticleRe: Creating a New Interface Port - SSG140
That's what I assumed from my limited Policies manipulation experience... so thanks!
View ArticleDDNS with HTTPS
Hello, I use a ssg5 with the firmware 6.3.0R23. It is not possible to connect to my DDNS Service with HTTPSI get the error message DDNS: connect errorsocket creation failed The root and intermediate...
View ArticleRe: Restrict SNMP V3 requests from certain devices - CVE-2008-0960
These look correct, the only difference I see between this and my old sample is using snmp v2 in the community. But that is really a trap version so it does not seem like that would matter. set snmp...
View ArticleRe: Restrict SNMP V3 requests from certain devices - CVE-2008-0960
Thanks, strange. The SNMP V3 works but is allowed from any client, still not locked down. Any one else have any ideas ?
View ArticleSSG 140 transparent network between multiple VPN subnets
Hi Experts, I have some problems setting up my SSG140 to do as I want it to do. Would appreciate if someone can contribute some knowledge and expertise. Current setup:Server_A - Interface1...
View ArticleRe: SSG 140 transparent network between multiple VPN subnets
I am not sure I have the topology down. But it looks like you have multiple VPN that you want to be able to communicate directly between them. This will take a few steps. VPN configurationFor this...
View ArticleRe: SSG140 Site to Site VPN with ASA Multiple Subnets
I have made my time to upgrade SSG140 firmware to 6.3.0r22. Also; I tried to pair the proxy-id to accept two different remote subnet - Site A and Site B. However; when I tried to tracert route Site B,...
View ArticleClik here to view.
Re: DDNS with HTTPS
Hello, enclosed you find the debug log. In my opionen the juniper use old and unsecure cipher. Because of that I got an handshake failure.The HTTPS Encryption of the webinterface is also not state of...
View ArticleRe: SSG140 Site to Site VPN with ASA Multiple Subnets
You will need to verify that these configuration objects are the same on the ASA and the SSG. These need to contain Proxy-id on the SSGACL for the VPN on the ASA192.168.70.0/24 - 192.168.50.0/24...
View ArticleForward public ip to device directly attached to ssg interface
Greetings to all the experts.I am a self-taught and I am not much netscreen expert. I have one isp router (A), one SSG140 and one other provider router (B) I should assign 1 Public IP to router (B)...
View ArticleRe: Forward public ip to device directly attached to ssg interface
Hi, I understand that your VPN is terminating on the Router B and the other VPN peer is behind ISP router A. Don't you have route from Router A to the router & in between devices for end to end...
View ArticleRe: Forward public ip to device directly attached to ssg interface
Hi, no, router A (cisco 1841) have only one interface. thank you
View ArticleRe: Forward public ip to device directly attached to ssg interface
Hi, Can you let us know the topology including both VPN endpoints and the IP interfaces? you can use any random public IPs instead of your actual public IPs if you don't want to disclose. Thanks,Vikas
View ArticleClik here to view.
Re: Forward public ip to device directly attached to ssg interface
I hope that this scheme is clearthanks
View ArticleRe: Forward public ip to device directly attached to ssg interface
Hi1: I hope you are not doing any interface based NATing (DIP,MIP,VIP) on the firewall interaface for IP 188.x.x.235. 2: Your router A would have a route to send packets destined to the IP 188.x.x.235...
View ArticleRe: Forward public ip to device directly attached to ssg interface
How about moving all config from int1 to bgroup and then adding int1 and int4 to bgroup. Then it's both a switch AND handling it with ssg interfaces.
View Articlewild card ssl cert installation on SSG140
Hi; I have a SSG 140 appliance, and I install a wild card ssl cert (.cer) file to my SSG 140. 1. How can I make it as default ssl cert, whenever I enter https://myfirewall.company.com domain, and.....
View Article