Re: ssg 5 vlan sub int dhcp
add source nat to the egress interface in the advanced tab of the policy. set policy id 45 from "guest" to "Untrust" "Any-IPv4" "Any-IPv4" "ANY" nat src permit log
View ArticleRe: ssg 5 vlan sub int dhcp
i added the policy, but i still have no Internet Connection, only with intern vlan 1 .... when i put the interface to zone "trust" it works - so there is a problem with my created zone "zone3". -> i...
View ArticleBackup WAN interface vpn tunnel
I have a client with a Juniper SSG 550 latest version Screen OS that wants to send all his VPN traffic using his backup ISP connection. He will use his main ISP for web traffic. I know I can send...
View ArticleRe: Backup WAN interface vpn tunnel
I assume you are using the built in WAN failover similar to this configuration....
View ArticleRe: Backup WAN interface vpn tunnel
Adding IP tracking would cause the physical interface to go down. Are you using multiple interfaces (One interface for primary and a second for backup)? If so, then you could use IP tracking.
View ArticleRe: Backup WAN interface vpn tunnel
Thanks for the reply, I am about to test your recommendations, but I have a couple of questions. I will set up both WAN interfaces on the same Zone as recomended by your link and follow up all your...
View ArticleRe: Backup WAN interface vpn tunnel
Yes I have 2 interfaces and 2 ISP's I do not want or need to failover the traffic. Just need to create a tunnel to the Backup WAN interface that is not available from the internet yet. At least is not...
View ArticleRe: Backup WAN interface vpn tunnel
This did not worked, Still cannot reack the backup WAN from my remote Firewall. I guess is a routing issue since all te request reach the backup interface, but when the reply is issue everything gets...
View ArticleRe: Backup WAN interface vpn tunnel
You don't need to put the zone into a different VR. The information in that discussion is for failover. Just specify the host address to the remote gateway in the VR. set route <IP of VPN...
View ArticleRe: Backup WAN interface vpn tunnel
Thanks, I guess I was not understood. I have 2 Junipers(ont local, one remote) so I would prefer to use a policy based tunnel. My remote Juniper firewall only has one WAN connection, I assume there...
View ArticleRe: Backup WAN interface vpn tunnel
It worked when I moved my Backup ISP route to the untrust-VR with th eprimary route
View ArticleRe: adding a vsys upgrade license
All good. It seems there was some confusion since these firewalls had EOL announcement. But, I received the auth code and generated the license and applied it with no issues Thanks for your help.
View ArticleSSG140 | Huge udp packet losses
Good afternoon, We are trying to solve out some strange issue with pair of SSG140 (6.3.0r23.0). We do see lot of UDP packet losses there, that can be 37% when traffic is around 1 (one) Mbps. So, for...
View ArticleRe: SSG140 | Huge udp packet losses
I suspect the issue is more with PPS and not bandwidth for the issue. I've seen this situation in running tests on other platforms using traffic generators. the UDP streams have very small packet...
View ArticleClik here to view.
Re: SSG140 | Huge udp packet losses
Good morning, Ok, but I don't think that 1Mbps should create any issues for SSG140 ... I do expect a bit more from that device ... Are my expectations incorrect? Just did pps "metering" PPS counting is...
View ArticleRe: SSG140 | Huge udp packet losses
Hi ,Traffic of 400-500 PPS on SSG-140 is very less on the FW. Interface traffic handling capacity might not be causing this issue?Can you please answer the below mentioned queries which would help us...
View ArticleClik here to view.
Re: SSG140 | Huge udp packet losses
Good morning, + Have you made any change after which the issue appeared? No, it's a new installation+ How do you suspect that FW is inducing the latency? I don't see latency, but I see packet drops....
View ArticleRe: SSG140 | Huge udp packet losses
PPS counting is enabled on interface(number 0) ethernet0/0 59: 378 303 PPS counting is enabled on interface(number 6) ethernet0/2 59: 467 536Yes, clearly you are not dealing with PPS issues. Since the...
View ArticleRe: SSG140 | Huge udp packet losses
I checked all possible counters, I don't see any of them are increasing ... Also, I did ff /with debug flow drop ... all that kind of investigations I'm aware off ... it doesn't help and it doesn't...
View Article