Exchange & Outlook connection issues over IPSec VPN
Hi, I'm having issues where the outlook clients loose connection to the Exchange server and are disconnected over VPN. The setup is like this: CLIENTS-->SWITCH-->Internal FW (SSG20) ---> VPN...
View ArticleVPN failing at early IKE state
Hi, I'm having issues with the following messages in the event logs: Phase 1: Retransmission limit has been reached.Rejected an IKE packet on ethernet0/2.1 from 74.92.x.x:500 to 72.21.x.x:500 with...
View ArticleSource Nat
I am working over a new design in which i have a doubt regarding source nat. In source NAT we can perform it on basis of policy based natting or by DIP defination.So want to know if connection is only...
View Article[ask] configure ssg for user must connect proxy server
Hello i want to ask, i have a proxy server with address 192.168.10.10 and juniper ssg with address 192.168.10.1how to configure if user connect to internet must change to my proxy in juniper? so if...
View Articlesource and destination nat in one command
Sophos can do following.src_address-any destination_address-public_ip1 service-port 6880Change source to - public_ip2Change destination to - public-ip in internetpublic_ip1 and 2 are in same subnet on...
View ArticlePolicy shows grey even when domain name is resolved.
When I add a policy on ssg550 Trust to untrust . I am adding domain name in untrust which fw is able to resolve. But still this policy comes as greyed .
View ArticlePolicy Source NAT over an IP SEC VPN
Hi I have a need to configure NAT on a Juniper netscreen 500 firewall running OS 5.4.0r21.0 (Firewall+VPN). Old I know, but I cannot do anything about this for now. I am unfamiliar with NAT on a...
View ArticlePython Paramiko with netscreen
Hello, I am trying to use python script to connect to netscreen firewall using paramiko and grap some commands output. It works fine with Juniper SRX, however it is not working on netscreen. If any...
View ArticleNetScreen 204 Intermittent connectivity issues
Hello, We have an older 204 that we're using to DHCP addresses for our DMZ that as of the last week has started to become unreliable... when looking through the logs, there are hundreds of lines of...
View ArticleSSG550M Firmware upgrade from 6.3.0r15a.0 to 6.3.0R22
Hi All, My colleague to try upgrade the firmware from 6.3.0r15a.0 to 6.3.0R22 but it's was unsuccessful. Kindly advice do we have to upgrade the firmware patch by patch or is there any other way that...
View Articlessg140 passive fw taking traffic
I have ssg140 in active/passive working. For some reason Trust interface on passvie which shows Inactive is taking traffic.
View ArticleError in updating attack database on ISG2000-IDP
Error Code:Error Text: Exception caught during Update Device:Device has returned an Error. The file might be invalid one. Return value: -4904Error Details: No Details Available.
View ArticleNSRP issue
Any one experienced any issue related to nsrp, in which backup firewall countinously getting the bgp idle message logs and keep on refereshing the dns entries. The firewall in question is acting as...
View ArticleNetScreen IPSEC VPN
I have run into a brick wall trying to setup an IPSEC site2site VPN with a Juniper ISG 1000 on one end and a Cisco router on the other. What makes this configuration even more complicated is that I...
View ArticleClik here to view.
SRX to SSG5 Route-based VPN with GRE?
Alright, so here it goes: I nailed up a simple lab environment, after a few attempts of failing, and now successfully have a functional Route-based IPSEC Tunnel between an SRX100B and SSG5. The code on...
View Articlehigh CPU utilization
Dears, i have SSG350 firewalls, recently i noticed that the CPU is getting veryhigh on peak time during the day (check attached image), logs are not showing any kind of attacks on the firewall, i need...
View Articlessg14- Report - Interface Bandwidth
I see total allocated gbw with a value. I have checked few other ssg140s they dont see that value.I dont have any traffic shapping configured on this interface. bandwidth: physical 1000000kbps,...
View ArticleNetscreen Redundant Interface
In Redundant Interfaces, when one of the interface is active and other is passive, and we configured OSPF over that redundant interface, will disabling of the primary interface in that redundant...
View Article