Re: How I can make BGP configuration on SSG-140
Hi Spuluka, We have managed to fix the problem with VPNs. Thank you!
View ArticleSet Public IP address for Tunnel
I have an SSG5 which connects direct to the Internet using PPoE. So it has a static Public IP on the untrusted interface. A VPN tunnel from the LAN connects to a data center in Japan. This has been...
View ArticleRe: Set Public IP address for Tunnel
The traffic is sent out via the IP on the configured interface. There is not a way of changing this. When you made the change, did you enable nat traversal?
View ArticleRe: Set Public IP address for Tunnel
Thanks for pointing me in the right direction. The only place I can see NAT Traversal is for the VPN Gateway (VPNs/AutoKey Advanced/Gateway/Edit/Advanced).I've tried enabling that, yet it doesn't seem...
View ArticleSSG5 and DELL-Switch
Hello, we have 2 SSG5 in a HA-Cluster and want to change from some old Netgear-Switches to DELL-Switch (S4820T). When I connect one of the SSG to the Switch I get no connect. Do I have to configure the...
View ArticleRe: SSG5 and DELL-Switch
You shouldn't have to configure them a special way. Are the Dell switches 10/100 or 10/100/1000 or 1G only? Do you get a link light?
View ArticleRe: SSG5 and DELL-Switch
That's what I expected. But it doesn't work. The Switch is 100 up to 10GB Yes, I get a Link-Light but no traffic. The Port is up/up on the Switch
View ArticleRe: SSG5 and DELL-Switch
I had to set the Speed on the Switch static to 100. It was not able to autonegotiate
View ArticleRe: SSG5 and DELL-Switch
What model is the old Netgear? They make managed switches and this may have vlan configuration and trunk ports that you would have to match on your Dell switch (assuming it is also a managed switch).
View ArticleRe: Set Public IP address for Tunnel
Did NAT-T actually kick-in when you were being NAT-ed to the 192.168.x.x alone? You can verify it by checking the 'get sa' output. The port number would show 4500, instead of 500. You may want to...
View ArticleAnnoying “Multiple login failures” Alarm
Hoping someone can help. We've got a few SSG20 firewalls and I've got one that has an annoying alarm “Multiple login failures” Alarm that clutters up the CLI. I used to have the hidden command to...
View ArticleRe: Annoying “Multiple login failures” Alarm
This usually indicates an issue. Is it a specific user or IP address? One option that you have is to set manager-ips so that only specific IPs can reach the management login page.
View ArticleRe: Annoying “Multiple login failures” Alarm
During installation the Engineer had given me the hidden command to clear it. I lost my notes when I had a harddrive go bad and a new computer replaced it so I no longer have the command. It shows up...
View ArticleRe: Annoying “Multiple login failures” Alarm
The problem is the message continues to display on the console every 10 seconds so before long the screen is full with Alarm Alerts.
View ArticleTrust to DMZ on SSG5 ScreenOS 6.3 help
Hi,after Googling half a day and not finding a solution, I'm sorry to post my question here, hoping for a solution.I have a SSG5 with ScreenOS 6.3.Setup isPrivate network on 192.168.10.x/24 in bgroup0...
View ArticleRe: Trust to DMZ on SSG5 ScreenOS 6.3 help
Run a debug flow basic. This will show how the traffic is being processed. https://kb.juniper.net/InfoCenter/index?page=content&id=KB23844#basicdebug
View ArticleRe: Trust to DMZ on SSG5 ScreenOS 6.3 help
Hi rseibert, thank you for the suggestion.Routing seens to be ok, the (remote desktop) connection is closed with AGE OUT.Installed a web server to test, and the web server is reachable.Have to look...
View ArticleRe: Trust to DMZ on SSG5 ScreenOS 6.3 help
Norton firewall was preventing RDP connections (and ICMP).Thanks for the help!
View ArticlePing just one direction
Hello, I saw the posts here and I believe you can help me to find the problem in my SRX configuration. I Did set up Ipsec VPN between SRX and ASA all Tunnels are up but I could ping one direction from...
View ArticleRe: Annoying “Multiple login failures” Alarm
I don't know the hidden command you reference, but if you do setup manager-ip you can tell ScreenOS to ignore these messages on the subnets...
View Article