SSG5 DHCP Relay not working after tunnel cycles
We have an office location that has been having a problem with their provider going down. When it goes down, of course the tunnel drops. When the provider network comes back up, the SSG5 reconnects the...
View ArticleISG2000 High Availability issue
Hello experts,We have a deployment of CoreFirewalls ISG2000 x 2 in HA. recently i observed that the backup unit is giving RED indication of HA LED. I don't know much about the HA config but it seems...
View ArticleRouting change from tunnel to a direct link issue
Hi All, Existing setting:HQ and the remote office are using site-to-site VPN to communicate. 96.0/20 traffic are routed via eth1/3.1 via the tunnel to remote site office.192.168.96.0/20 <NS...
View ArticleSite-to-site VPN between 3 locations (hairpin NAT)
Want to connect the VPN between 3 sites like belowBranchA(SSG140) <-> HA(SSG140) <-> BranchB(Palo Alto PA-820)The VPN between the branch and HA were establish. Problem is how to make Branch...
View ArticleAuthentication window does not work in a world of "Let's Encrypt"
This is on an SSG5: For years, I have been limiting Internet access from a couple subnets via the authentication option. The users would have to enter a valid local userid & password to get out....
View ArticleSelective NATing
I recently changed my ISP such that now my SSG5 needs to do the NATing function for the private IP addresses. I have a /28 block of public addresses behind my ISP access gateway (that only NATs the...
View ArticleSSL ciphersuite
On my SSG5, I am running 6.3.0r26, which I believe is the most current. The most current SSL cipher shown in the GUI is 3DES-SHA1. the config has: set ssl encrypt 3des sha-1 My browser does not...
View ArticleNetscreen with MIP configured to internal host uses egress interface IP for...
Hi I've got a MIP configured on a netscreen (v6.3) firewall, the inbound traffic works fine but when traffic from the internal host leaves to the internet, it doesn't use the MIP external IP Address...
View ArticleClik here to view.
SSG 520 Physical Bandwidth on Interface
Hello,I have an interface on our SSG 520 device that has a physical bandwidth set to 100Mb. The other interfaces are 1000 and we are increasing the speed of the circuit on this interface and need to...
View ArticleHow to show response time of each ping
Seems that the default ping is rapid style. Give me 5 "!" in a blink of an eye.Is that possible to make it show like the ping result in Windows. Which show the bytes, time and TTL for each ping.Also,...
View ArticleNetwork setup change
Currently, we have IPSEC VPN tunnels between juniper devices. I have a SSG5 as the firewall. We are moving to AT&T MPLS with a cloud-based firewall. I will be keeping the old circuit alive for 2...
View ArticleNo VPN Traffic Flows for 3 Minutes after Phase 2 ReKey
I have a couple of small business customers that are still using NS5GTs. One of them has an Office in CA and another Office in Florida. Both Offices have a static public IP and an NS5GT with a...
View ArticleClik here to view.
Connect 2 Juniper SSG5 one after the other
Hello, I apologize first for my English. It is not my language.I want to set up a network in my office as follows:A fiber router connected to the Internet, connected to this router I have a Juniper...
View ArticleRouting to trusted subnet
Dear Community,I hope you can give a a little help.We inherited a network with an old SSG 5 (will be replaced in some weeks). This SSG 5 is connected to LAN (via bridge0) and WAN. A primary...
View ArticleSSG5 no VPN connection possible
Hello,I have been trying to establish a vpn tunnel with my ssg5 device by means of Shrew Soft app.I followed this tutorial:https://www.shrew.net/support/Howto_Juniper_SSGI cannot tell how many times...
View ArticlePass multiple subnets through the SSG-20?
I have an SSG-20 with multiple public subnets. One is external, the others are internal. Substitution addresses here for convenience. Eth 0/0 - 1.1.1.1/28Bgroup0 - 192.168.250.1/24Subnets behind SSG -...
View ArticleI want to change the Interface of a zone from 1G to 10G port
Dear All, I have a ISG-2000 in production, and need to move a tagged interface for zone ABC tagged under interface "ethernet4/2.826" to a 10G port. How can I do this with minimum service affect?The...
View ArticleSSG5 Site to Site VPN Won't come up Inactive/Inactive
New member to the forum have an issue with new vpn tunnel new install do not know what my issue is. s the config flawed or is the isp blocking my vpn? Thanks Michael cfg files as followscfg1unset key...
View Article