Need assistance with VPN source NAT.
Two private IPs from different subnets have to be translated to one public IP using route based VPN. Thanks in advance!
View ArticleMonitor/Alert on config out of sync
Hello, We had a couple issues where firewalls failed over and the backup was not in sync causing connecitivity issues. I was wondering is there any way to alert on an active/backup HA pair to ever...
View ArticleSSG-140 speed between gigabit interfaces
In testing, I've found a major limitation of the SSG-140's gigibit ethernet ports and am wondering if there is a solution. Thru a gig switch, I can see traffic hitting near that gig speed, 900MB/s...
View ArticleI want nat vip from ip behind vpn ipsec
Dear, i need your help, i need to configure a nat vip with one ip from other side vpn route-based in my ssg20 .Chile ssg350 (192.168.210.0/24)-----------WAN----------------Peru ssg20 ( 172.16.10.0/24)...
View ArticleApple iPhone/iPad VPN to ScreenOS - now possible!
Hi, For a long time, I was trying to find solution to establish VPN connection between Apple iPhone/iPad devices and ScreenOS SSG devices, but without success. Now, with latest Apple iOS improvements,...
View ArticleClik here to view.
How can I deal with SPEED?
[Circumstances]Two weeks ago, I posted its relevant question becuase I should configure SSG-320M.After that, thanks to you guys devices, everything is OK, every packet flows well. However, now I have...
View Articleload balanced Netscreen 204 | 2 ISP
Hello all I have a big question for my knowegde. I have a private network /16 on the trust zone. and on the untrust I have the ISP1 with public IP, I have a policy to make nat the private network on...
View ArticleSSG ScreenOS, Source routing and IP tracking
Hi ScreenOS boffins out there,I have a need to get as much parity in WCCP as I can from ScreenOS.I think PBR/Source Routing with IP tracking/monitor will do it.It will give me failover with link...
View ArticleTCP DUP ACK
Hi, Have a SSG140 that is generating Tcp dup ack packets and retransmission.Have not fault with switch behind (changed ports), MTU match all over (1500) and there is no packet loss.Changed the firewall...
View Articletrust and untrust for the same network
Is it logical when a screen OS configuration has trust and untrust for the same network? set address "Trust" "89.111.0.0/255.255.0.0" 89.111.0.0 255.255.0.0set address "Untrust"...
View Articlescreen OS to SRX
hello Champion, here i am facing a little problem while converting security policies from screen OS to SRX please if anybody convert the below config or guide me either iam going right way or not ? set...
View ArticleNSRP switchover
Hi guys, Ihave a question regarding a switchover i want to perform on our ISG 2000 cluster. We have an Active/Passive NSRP configuration. We basically want to switch over the current Active fwl to the...
View ArticleHELP THE NOOB
I am new to firewalls; I have mostly been a layer 2 switch/router technician until now. I am now on a firewall team and one of the firewalls I am struggling with is a Juniper SSG 520M. The first fail...
View ArticlePrioritizing VoIP traffic over VPN
I have a NEC phone system with an SSG on one side and a SRX on the other. They are connected witha VPN. What is the best way top prioritize the traffic? I assume I would have to somehow prioritize...
View ArticleTraffic Shaping SSG
My customer has a 60X5 Internet connection. They often do large uploads and when they do the upload kills everyone's Internet speed. Is there any way to limit the user's bandwidth speed to no more...
View ArticleSSG-140 boot loop problem
The firewall is stuck in a boot loop. When I use the serial console I can get the chance to "hit any key to run loader" When I do that and enter the bootloader file and the ip addresses of the tftp...
View ArticleSSG5 - moving from 10M to 100M line
All, We currently have a 10M line as out main line and an ADSL backup line on an SSG5 F/W 6.3.0r16.0 and H/W 710(0).We just got connected to a 100M line and i've basically configured the 100M line on...
View ArticleHow to use public IPv4 IPs inside VPN tunnels for several customers
Hi firewall folks, what we are trying to achieve is sth. similar like this. Let's say you have X customers. Each Customer needs to access the same servers in the datacenter. Since we have a unused IPv4...
View Articlehow much space use for Log on ssg20 128MB
hai all, i have ssg20 128MB, the question from my customer "how much space use for log on SSG20 seri 128MB". Thanks,
View ArticleSSG-5-SH not working anymore
When I connect the console I get the following :uniper Networks SSG5 Boot Loader Version 1.3.2 (Checksum: A1EAB858) Copyright (c)...
View Article