SSG 5 Firewall to Firewall VPN
I have 2 building connected Router to Router thru 10MB Internet. Both are SSG 5 device running same OS. The VPN is working, but I am seeing issue with performance. The WAN has Domain Authentication to...
View Articlewho can help me to analyse the session information below
Total 3 sessions according filtering criteria. id 221406/s**,vsys 0,flag 08000040/0000/0001/0000,policy 88,time 180, dip 0 module 0 if 5(nspflag...
View ArticleECMP
hi:kindly could you please help meI have a juniper ssg550,I have configured 4 lines on it with ecmp and i configure 75 policy based vpn.I want to add 5th line and i know that the max for ecmp is 4 so...
View ArticleWeb Filtering Can't Work
I have been update license web filtering on juniper ssg 5, and then i have been configuration but the result still not implement. This is Step By Step for my configuration1. Object --> User -->...
View ArticleSSG140 SNMP over Internet
Hi, I've been trying to configure Snmp on ssg140 over public/Internet to monitor on SolarWinds server. Got this message on ssg 'SNMP request from an unknown SNMP community aaa at X.X.X.X:xxxx has been...
View ArticleJuniper SSG VPN multi site with a mixture of remote VPN mode
Hello, I 've a main site A which is running on NAT traversal mode connecting to a remote site B traversal mode(due FW sitting behind a Natted router) using IPSEC VPN. My question is can I setup...
View ArticleClik here to view.
NS-208 : imagekey.cer problem (netscreen 208)
hello all i explain my situation i have a NS-208 and upgrade OSi have a mistake!!!that is it. i inject imagekey.cer fileCLI : save imagekey tftp imagekey.cer and next time rebooting situation.NS...
View ArticleLicense
Hello, Im a little confused on licensing. If i have a 50 vsys license and all the zones are used up. Can I purchase additional license for just the zones? or do I purchase additional vsys license which...
View ArticleSimple block policy from "external" to "Untrust"?
Hi everyone, a simple question. I want to block an ip address, that tries to access my juniper directly. It tries to establish a VPN connection. This gets rejected because there is no VPN gateway...
View ArticleSSG-5 bgroup Interface IP vs. Manage IP
I have some SSG-5s that I set up years ago. The bgroup Interface IP AND the Manage IP are the same. I have read that this is the default condition. Yes I have!I have also received error messages when...
View ArticleSuddenly WEBUI and SSH don't work on SSG-5
I was working on setting the manage IP address on this system when the WEBUI stopped working.Now neither the WEBUI nor SSH are working - but they had been.The SSG responds to pings at the right...
View ArticlePCAP file size limit when running Snoop on ssg550
I'm hitting a limit of 128KB file size on PCAP files that I export using snoop. I need to capture traffic for about 5 minutes and this is limiting me. Here is my filter: ssg550-> snoop infoSnoop:...
View Articlessl_error_no_cypher_overlap when trying acess to SSG5
Hello im trying to acces my SSG5 via firefox but i get error message "ssl_error_no_cypher_overlap" what is wrong? Something with FF or SSG5? Please help me
View Articleadding a vsys upgrade license
Hello, was just wondering how to add an additional vsys license(upgrade) to a firewall that already has 50 vsys. I have the license which is 50 upgrade to 100 vsys. what is the process to install the...
View Articlessg 5 vlan sub int dhcp
Hello, i have a ssg5 Version 6.3.0 and try to get a dhcp address from a taged sub int. config:eth0/4 0.0.0.0/0 NUlleth0/4.1 192.168.20.1/24 zone 3 tag 3 eth0/4.1 dhcp service server (gw 192.168.20.1...
View ArticleBackup WAN interface vpn tunnel
I have a client with a Juniper SSG 550 latest version Screen OS that wants to send all his VPN traffic using his backup ISP connection. He will use his main ISP for web traffic. I know I can send...
View ArticleSSG140 | Huge udp packet losses
Good afternoon, We are trying to solve out some strange issue withpair of SSG140 (6.3.0r23.0). We do see lot of UDP packet losses there, and thatcan be 37% when traffic is around Mbps. So, for exampe,...
View ArticleSIP sessions allocation error message
Dears, i have a screenOS 6.3 running on Juniper SSG350m firewall, recently i found log messages saying"Cannot allocate SIP call because device is fielding too many calls" after a quick search i found...
View ArticleIKEv2 to replace L2TP/IPSec dialup VPN
We have been running L2TP/IPSec for a quite some time already (SSG550 / 6.3.0r23.0).Decided to switch to IKEv2 as it suppose to be simpler solution.We did some testing, run into something I don’t...
View Article