general question about destination nat on ScreenOS FW
hey i have the following scenario. I have a server in the dmz (no public IPs), which should be reachable externally via port 443 tcp and udp. can i just configure to seperate VIPs (one for tcp and one...
View ArticleRe: general question about destination nat on ScreenOS FW
You can configure a custom service with multiple protocols and set that to the VIP. You would need to enable VIP multi port though....
View ArticleRe: Unable to reach to remote MPLS site via VPN
From your description these two would conflict so you would need to remove the existing one and create the new route based version.
View ArticleJuniper SSG Route issue
Hi, I have a Juniper SSG140 as a internet Gateway device. today some PC can't open the website which dns is 114.114.114.114(public dns server) when i check the SSG140,I found a connect route with...
View ArticleRe: Juniper SSG Route issue
Hi, 1: So you sont have this route in your current route table, right?2: Did you take output of get route id 748 during the issue?3: Is this IP anywhere in the config get config | in 114.114.114....
View ArticleRe: Juniper SSG Route issue
Thank you for your reply. The connect route with 114.114.114.114 in my current route table again. device bug ?? output command ------------------------------------------------- SSG140-> get...
View ArticleRe: Apple iPhone/iPad VPN to ScreenOS - now possible!
Hi,first, thank you for your documentation !How did you get your vpn profile to your iphone? Regards,Chris
View ArticleRe: Apple iPhone/iPad VPN to ScreenOS - now possible!
Hi Chris, I am not an Apple owner, so some of my firends helped me with Apple testing. If I remember well, after creating .mobileconfig file and necessary certificates, you need to upload (copy) them...
View ArticleRe: Juniper SSG Route issue
Hi, 1: I dont see any known bug in the release notes.2: The route is active for for 5 minutes 30 seconds when you printed the output of get route id, can you please check the 'get event' and 'get log...
View ArticleRe: Juniper SSG Route issue
Hi, I found the problem There is a L2TP User assigned ip-pool and static ip at the same time(The static ip is 114.114.114.114), hhh... so i guess this user using static ip prefer if L2TP tunnel...
View ArticleRe: Juniper SSG Route issue
Yes, this could be the potential root cause of the issue. Probably L2TP would be terminating on the Eth0/0 and 114.114.114.114 is totally different IP than defined so firewall would be leaning as...
View ArticleRe: Apple iPhone/iPad VPN to ScreenOS - now possible!
Hi, tunnel is now enabled and works fine - but i can only reach lokal ip addresses, dns isn't working for internal network. in Objects > Users > Local > Edit - if i use primary and secondary...
View ArticlePPPoA on SSG140
Hello,I would appreciate it if someone could assist me with this. I need to set up a PPPoA (not E) connection on an interface on a SSG140. The problem is, the drop down for which interface to bind to...
View ArticleRe: PPPoA on SSG140
You would need an interface card that supports ATM. The built in interfaces are ethernet.
View ArticleRe: Basic configuration for juniper SSG140
Hello, You can check routing on thedevcie using the commnad " get route". Als you can configre the routing as required using the CLI command "set route * * * " . It would be easy to configure via...
View ArticleRe: SIP sessions allocation error message
Hello Jus to add to the previous point, it will also depend upon overall memory available on the device . The memory can be used up by any UTM features or any other ALG functionality which uses up the...
View ArticleRe: IKEv2 to replace L2TP/IPSec dialup VPN
Hello, For the problem 1.It looks like when ScreenOS looks for matching ikev2 gateway, it doesn’t take into account received IKE ID and always uses rsa-sig/rsa-sig gateway if it exists? >>>...
View ArticleRe: IKEv2 to replace L2TP/IPSec dialup VPN
Hello For the second problem, I remember encountering a similar problem on older windows versions. We had a option in the IPSEC registry on hewindows under HKEY_LOCAL_MACHINE. I am not able to see that...
View ArticleRe: Basic configuration for juniper SSG140
I have a configuration example adding a guest wifi network to the ScreenOS firewall....
View Article