NSRP switchover
Hi guys, Ihave a question regarding a switchover i want to perform on our ISG 2000 cluster. We have an Active/Passive NSRP configuration. We basically want to switch over the current Active fwl to the...
View ArticleRe: Apple iPhone/iPad VPN to ScreenOS - now possible!
I was actually looking for something like that! I remember trying back in the day but that was on ios 7 and 8. Will try it out for sure. Thanks for that, kudos to you!
View ArticleRe: NSRP switchover
Remove preempt from the current masterChange priorities on both devices so that the new master will have a lower priority than the old.Add preempt to the new master. Once you add preempt to the new...
View ArticleRe: NSRP switchover
That reply could not have been more consise and clear! Makes sense. Thanks a lot rseibert! Does it matter that my configs are not in sync? Its a matter of 2-3 commands that actually dont make sense to...
View ArticleHELP THE NOOB
I am new to firewalls; I have mostly been a layer 2 switch/router technician until now. I am now on a firewall team and one of the firewalls I am struggling with is a Juniper SSG 520M. The first fail...
View ArticleRe: HELP THE NOOB
I would recommend starting with the Concepts and Examples guide. https://www.juniper.net/techpubs/software/screenos/screenos6.3.0/630_ce_all.pdf As for the password issue, ScreenOS only allows one root...
View ArticleRe: HELP THE NOOB
WebUI automatically issues a save when you click "Apply" or "Ok" on a section.
View ArticleRe: HELP THE NOOB
Ok, I have root account. I have made a couple changes and they stuck. Now, we have an issue setting TACACS as the primary authentication account. I see in the guide that TACACS is allowed, but the...
View ArticleRe: HELP THE NOOB
I have a YouTube playlist that is an introductory course for ScreenOS. Configuring ScreenOS Firewalls https://www.youtube.com/playlist?list=PL9B6F69E0FE662EB0
View ArticleRe: SSG ScreenOS, Source routing and IP tracking
I believe this is the kb article you are looking for. [ScreenOS] Configuration Example on how to redirect Web traffic to a Proxy Server using PBR (Policy-Based Routing)...
View ArticleRe: SSG ScreenOS, Source routing and IP tracking
Great start !Thankyou...And layering on some IP tracking because I intend to run 2 x web proxies and I want PBR smarts to FT between using them.Something WCCP just does natively... Thoughts ?
View ArticleRe: SSG ScreenOS, Source routing and IP tracking
So layering on some fault tolerance at point of,--------------------------------------------------------------------------------------------------------------------------------set action-group test...
View ArticleRe: SSG ScreenOS, Source routing and IP tracking
Track IP is designed for INTERFACE failover. If your two devices are on different egress interfaces AND you can bring the interface down when the device is not responding, then you could use this...
View ArticleRe: SSG ScreenOS, Source routing and IP tracking
You are right.. it is on an INTERFACE level, and it doesn't mean my proxy will be 'down' via interface.More often than not, networking/connectivity is fine, but http daemon/parser is down or has an...
View ArticleRe: SSG ScreenOS, Source routing and IP tracking
Something like this ? http://help.juniper.net/help/english/6.3.0/rt_pbr_action_grp_edit_cnt.htm'Interface and Next Hop Reachability' ?
View ArticlePrioritizing VoIP traffic over VPN
I have a NEC phone system with an SSG on one side and a SRX on the other. They are connected witha VPN. What is the best way top prioritize the traffic? I assume I would have to somehow prioritize...
View ArticleTraffic Shaping SSG
My customer has a 60X5 Internet connection. They often do large uploads and when they do the upload kills everyone's Internet speed. Is there any way to limit the user's bandwidth speed to no more...
View ArticleRe: SSG ScreenOS, Source routing and IP tracking
Seems like the next-hop on that feature would work for you in some cases. It would not cover your http port down issue but if the server itself is offline this would flow to the next rule.
View Article