Re: Need to reach route 172.17.11.64 but it shows as "Reject"
Thanks a lot man, that was it.
View ArticleRe: Need An Advice
The exact configuration and use of the devices will depend on what your application is and what kind of network this is supporting. Where are the devices, how are they segmented, what is the upstream...
View ArticleRe: Need An Advice
But firstly , we have isp connection with bgp.we do not trust srx 3600 so much because it has some bugs. And we have 800+ servers if infected 2 server sends small pps from the inside it locks the all...
View ArticleRe: Need An Advice
Seems like you want to redesign the network? Seems like this may work for youISP=>MX (gateway Router)=>SRX (security and firewall- apply AppSecure and Screens to protect network=>EX. SRX will...
View ArticleClik here to view.
Re: Need An Advice
Exactly but we do not trust the srx stability so we plan to do sth. like the given image below. But there are mainly 3 problems. 1. Is there any possible way to policy based route the traffic if...
View Articledevice Routing over IPSec VPN
I know how to do this, but it's lost in the cobwebs... I just finished setting up a new SRX220 to replace an old ASA. It's connecting over a VPN tunnel to another ASA at our headquarters. I got all...
View ArticleRe: device Routing over IPSec VPN
root> show configuration security policies from-zone trust to-zone untrust { inactive: policy vpn_Tacoma_Seattle { match { source-address Tacoma; destination-address Seattle; application any; } then...
View Articleibgp remote prefix list
Is there any possible way to share a prefix list in ibgp members devices ? or is there any way to write one prefix list on a device and it will be accessible on other devices ?
View ArticleRe: Need An Advice
Unfortunately I do not have the time to look at your config, but generally your requirements can be met.This wold definitely require spending a lot of time on all the requirements, but generally lets...
View ArticleRe: Need An Advice
So for a solution with routes. We need Metric routes For UDP Traffic if UDP fw is not accessible then it will route the SRX If srx is not accessible then it will route to the EX For tcp trafficif srx...
View ArticleRe: device Routing over IPSec VPN
I can't find the documentation right now, but my recollection is that by default self traffic sources from the lowest ip address configured on the device. If you configure a loopback address and then...
View ArticleRe: ibgp remote prefix list
No, the prefix lists are only visible to the device on which they are configured. You will need to set them on all the devices that need the list.
View ArticleRe: ibgp remote prefix list
Depending on what you are doing in your policy, you might be able to use communities instead. You can use communities for actions in a policy and only one device then needs to add the community while...
View ArticleRe: Need An Advice
Is there any destination traffic upstream of the MX that is NOT on the internet? the only way I would think it is a good idea to have that direct connection from the MX to the EX is if there is TRUSTED...
View ArticleClik here to view.
Re: Need An Advice
Actually this diagram worked perfectly with given conf but this time we need to add fwdonus filter to all of the irb units.we should add this on the ex return because it is in family bridge mode and...
View ArticleRe: OSPFv3
Additonal notesProtocol processing is done on a per link basis, not per subnet, which means you need only a single adjacency per link even if there are multiple IPv6 subnets on the link. This...
View ArticleRe: Export Eval flag Explanation
http://www.juniper.net/documentation/en_US/junos12.1x46/topics/reference/command-summary/show-bgp-neighbor.htmlInternal BGP flags:Aggregate Label—BGP has aggregated a set of incoming labels (labels...
View ArticleClik here to view.
I've LOOKED AND LOOKED AND LOOKED AND LOOKED for two years now. j2350...
I bought one Juniper switch and three Juniper routers for my certification studies and a couple of client installations. I made the mistake of not making sure that they all had brackets.Of course,...
View Article