Netscreen with MIP configured to internal host uses egress interface IP for...
Hi I've got a MIP configured on a netscreen (v6.3) firewall, the inbound traffic works fine but when traffic from the internal host leaves to the internet, it doesn't use the MIP external IP Address...
View ArticleRe: Netscreen with MIP configured to internal host uses egress interface IP...
You will need to create the MIP on interface 9.1 instead of the loopback interface.
View ArticleClik here to view.
Re: Netscreen with MIP configured to internal host uses egress interface IP...
Thank you so much, I had a feeling about that but I am new to the netscreens so wasn't sure. It's something that wasn't obvious to me from documentation Me and many many others on this forum...
View ArticleClik here to view.
Re: Netscreen with MIP configured to internal host uses egress interface IP...
Just another question please, I've got my other VIP configured like this, will those behave in the same way?? I will ensure that routes are in place to the internal destination (mapped IP) Sorry if...
View ArticleRe: Netscreen with MIP configured to internal host uses egress interface IP...
Yes, the MIP and VIP should be placed on the ingress interface.
View ArticleRe: ISG2000 arp timeout values
Hi piccolo78Its 20 minutes, 20 x 60 = 1200Seconds. For more info please follow the given below link https://kb.juniper.net/InfoCenter/index?page=content&id=KB6771&actp=METADATA
View ArticleClik here to view.
SSG 520 Physical Bandwidth on Interface
Hello,I have an interface on our SSG 520 device that has a physical bandwidth set to 100Mb. The other interfaces are 1000 and we are increasing the speed of the circuit on this interface and need to...
View ArticleRe: SSG 520 Physical Bandwidth on Interface
Hi, please check KBhttps://kb.juniper.net/InfoCenter/index?page=content&id=KB25916&cat=SSG_5&actp=LISTThanks,Vikas
View ArticleRe: SSG 520 Physical Bandwidth on Interface
Link speed and duplex can be either auto-neg or explicity set. To confirm how the link speed and duplex is set.Choose the edit option next to that interface in the listSelect the Phy tab on the top of...
View ArticleClik here to view.
Re: SSG 520 Physical Bandwidth on Interface
Thanks for your help so far!Unfortuantely I don't have the "Phy" tab at the top of the edit interface screen.
View ArticleRe: SSG 520 Physical Bandwidth on Interface
I'm not used to that being missing from the web ui.But these can also be set from the cli as well. https://kb.juniper.net/InfoCenter/index?page=content&id=KB5453 From the configuration > Config...
View ArticleHow to show response time of each ping
Seems that the default ping is rapid style. Give me 5 "!" in a blink of an eye.Is that possible to make it show like the ping result in Windows. Which show the bytes, time and TTL for each ping.Also,...
View ArticleRe: How to show response time of each ping
Nothing much can be done, max you can change payload size etc. See an example below : -> ping << hit enterIP version [4/6]:4Target IPv4 address:4.2.2.2Repeat count [5]:10Datagram size...
View ArticleNetwork setup change
Currently, we have IPSEC VPN tunnels between juniper devices. I have a SSG5 as the firewall. We are moving to AT&T MPLS with a cloud-based firewall. I will be keeping the old circuit alive for 2...
View ArticleRe: Network setup change
Yes, that should work as described. Be sure you connect the mpls line as a separate routed link on the firewall and not to the same trusted subnet where the end user devices are. If it is in the same...
View ArticleRe: Network setup change
Steve, I have sent my config file to juniper support, but i don't think i understand their instructions. I have a SSG5 connected to a netgear switch to which the MPLS is also connected. They say my...
View ArticleRe: Network setup change
By not working, i mean they said I needed a policy based route for 80 an 443 traffic to go from the juniper to the MPLS. The static routing for LAN traffic appears to be working.
View ArticleRe: Network setup change
I'm not sure I have a good picture of the LAN segments and connections. Your MPLS is connected to a switch along with an interface on the SSG5.Is the next hop address to send traffic to the MPLS...
View ArticleRe: How to desactivate an VPN temporaly on a SSG-500
Hello I think the best way is to unbind tunnel in VPN. I am using this to temporiraly deactivate primary vpn. traffic successfully shifted to secondary vpn. Bind to none while using graphical...
View ArticleRe: How to desactivate an VPN temporaly on a SSG-500
Hello I think the best way is to unbind tunnel in VPN. I am using this to temporiraly deactivate primary vpn. traffic successfully shifted to secondary vpn. Bind to none while using graphical...
View Article