Re: Problem of VPN client to site on SSG 5
Hi, VPN comes up if you replace your WI-FI modem/router with the same ISP, right? Please check your non-working modem/router to see if they allow port 4500 traffic also. As there will be NAT-T and...
View ArticleRe: Problem of VPN client to site on SSG 5
Yes , VPN comes up if I replace my WI-FI modem/router with the same ISP.I am not reason come from port on WI-FI modem/router. I think the port 4500 and 500 opened already.Because, other company still...
View ArticleRe: Problem of VPN client to site on SSG 5
Check 'get event include <public IP of the VPN Client>' this should give some headsup or we need to debug it. pull up a web page on your VPN client machine and check the public IP by browsing...
View ArticleDelete Duplicate Addresses and Services
Hi, I am migrating ScreenOS configuration to SRX. But I got task to remove all duplicate Addresses & Servcies and also if any services created has matching predefine Service replace it in Service...
View ArticleRe: Delete Duplicate Addresses and Services
There is not a tool that would do this. You would have to do this manually.
View ArticleRe: VPN client to side on SSG5.
There are no products that Juniper makes that will work with the Cisco VPN client.
View ArticleRe: SSG140 v6.3.0r14.0 packet drop due to application error
Hello, The SCTP ALG checks the source port number, destination port number and verification tag of a packet for an anomaly (deviation from normal behavior). Abnormal SCTP packets will be dropped by...
View ArticleAndroid VPN to Juniper SSG
Hi, Since few days I am trying to find an answer is it possible to connect from Android to Juniper SSG / NetScreen via VPN?If it's possible, can someone share some howto please? I see that there is a...
View ArticleSSG550 Tag Traffic
I have an SSG550 and just define one of the interface to setup a content filter device, this content filte device filters using the Tag of the VLAN that comes thru that port. How can I define several...
View ArticleRe: SSG550 Tag Traffic
On the port that you want to have as a trunk port, you will create sub interfaces and assign the desired vlan tag to each interface. https://kb.juniper.net/InfoCenter/index?page=content&id=KB4480...
View ArticleRe: SSG550 Tag Traffic
Can we setup a subinterface using for example 10.54.19.30/32?This IP is already in another segment 10.54.19.0/24 but we are using that IP address (10.54.19.30) as a default gateway in the content...
View ArticleRe: how to filter debug ike all
Hi,I saw it on other firewalls(ssg520m) too.Regards,Traian.
View ArticleRe: SSG550 Tag Traffic
Well, it does not make sense to put a /32 address on an interface. This would not allow communications with anything else in that vlan. And the /32 is in the same scope as the /24 you presumably have...
View ArticleGRE(not over IPSec) tunnel troubleshooting
Hi,How to troubleshoot/Debug a GRE tunnel(not over IPSec) on SSG140?Thank you,tcp
View ArticleDHCP not passing IPs
Hello, I have a setup of Juniper SSG140 unit that acts as DHCP server and PulseSecure device within the same subnet.The PulseSecure device is configured to use SSG-140 as DHCP server, but it does not...
View ArticleRe: DHCP not passing IPs
Hi, 1: Have you checked your DHCP config on the device? https://kb.juniper.net/InfoCenter/index?page=content&id=KB4243&actp=METADATA 2: If configuration is good then please check 'get event'...
View ArticleRe: DHCP not passing IPs
1. Configuration is correct ( DHCP serves workstations properly ) 2. Nothing showed under Reports -> System Log -> Event.3. Is that via the CLI ?4. Attached is the screenshot of what PulseSecure...
View ArticleRe: DHCP not passing IPs
Hi, 1: Get event is same a events from GUI.2: Have checked the debug flow basic (https://kb.juniper.net/InfoCenter/index?page=content&id=KB12208) , snoop...
View ArticleRe: GRE(not over IPSec) tunnel troubleshooting
Hello, Is it a pass through GRE or a GRE tunneling on the firewall itself? For pass through GRE use d"debug flow basic " with proper flow filters. For Gre generic tunneling, please use " debug gt gre...
View ArticleRe: GRE(not over IPSec) tunnel troubleshooting
Looking through the ScreenOS 6.3 Concepts and Examples guide, the only mention of using GRE is when bound to tunnel interfaces on the device. So I believe you only can use this with GRE over IPSEC as...
View Article