Disable Interface? (Reposted in right topic)
Accidentally posted this in the JunOS thread... firewall in question is running ScreenOS, I have a bit of an odd issue. I have a firewall with two VPN tunnels up to two different VPN hubs. I need the...
View ArticleWhen upgrading screenOS, I encounter something problem...
Hello all,I have 5 SSG-5.Among them, only 2 SSG-5 can operate properly about upgrading screenOSOthers cannot operate when I upgrade ScreenOS...The steps I progress are below.1. Deleting crypto...
View Articlessg140 vpn throughtput.
ssg140 vpn is 100Mb. Is this shared between tunnels. So if I have 4 tunnels and 1 is doing high traffic it will affect other tunnelsas 100mb is shared ?
View ArticleProtection on the number of connection
Is there any way to put limitation on the number of the connection on netscreen coming from internet on the single destination IP.I am aware of one feature Scree option where i can put screening on the...
View ArticlePolicy ID's
Hi friends, If i have deleted a rule from the policy, is it possible that the same policy ID could be assigned to a new rule in the future? We are hoping the same policy ID will never get re-used, is...
View ArticleEOL ScreenOS firmware download?
Hello. We have a failed Firewall in our HA pair. We are sourcing a replacement, but we need the ScreenOS to match the primary firewall. I need to find a copy of ScreenOS 6.1.0R6. The model firewall...
View Articlemutiple untrust adsl , from trust to untrust only Translated Source Address...
We have 3 adsl on ssg350M Trust Zone: ethernet0/3 192.168.7.254/24Untrust Zone: ethernet0/1 (1.1.1.254/24 ) & ethernet0/2 (2.2.2.254/24) & ethernet1/0 (3.3.3.254/24)ethernet1/0 has one MIP...
View ArticleMIP VPN
Hello all, maybe it's a too simple question. I've to setup a SSG-5 with two VPN tunnels. I'm completely new to Juniper devices and only have an example config and the documentation. My question is:...
View ArticleDial-up VPN to SSG-350 (site to site VPN)
Hello, A dialup VPN client want to access some services in one of the VPN sites. Dialup VPN Client <----------> Site A <----------> Site B172.31.99.63 192.168.135.0/24...
View ArticleRoute Sync in ISG
For the command - "set nsrp rto-mirror route", if we are using VSD-ID 1 (one VSD only). Can i go ahead with this command Or the VSD-ID have to have be 0. If so, is there any other way to sync the...
View ArticleMulticast HB exchange
I have a set up in which 2 HP servers are connected to netscreen firewall via an L2 switches. So as per the design, heartbeat probes are to be initiated from the Server1 goes to the layer 2 switch1 and...
View ArticleISG 2000 SFP module
I have an ISG2000 and i need sfp module with part number FG-TRAN-LX and FG-TRAN-SX. my question is that can i temporarily use SRX-SFP-1GE-LX and SRX-SFP-1GE-SX instead until the order is delivered?
View ArticleHow to enable Skype services to go through SSG Juniper
Hi everyone,I have some machines in my LAN and I need to enable Skype (application) for those.I made the following policy:Source: 192.168.0.25 Destination: www.skype.comService:...
View ArticleSSG140 Site to Site VPN with ASA Multiple Subnets
Hi; Here is my cases.Site A : SSG 140 firmware 6.2 (subnet: 192.168.70.x)Site B : ASA (subnet 192.168.50.x)Site C: HQ (subnet 10.10.x.x) Site A <--- site to site VPN --> Site B (SSG140 and...
View ArticleSSG act as L2TP / PPTP Client
Hi everyone, I was wondering if with the latest releases it was now possible to have an SSG20 act as a PPTP/L2TP client.. dialing out to a vpn provider, and then able to reroute certain subnets over...
View ArticleUpgrade from 6.2 to 6.3 latest firmware
Hi; I am planning to upgrade my firmware from 6.2 to 6.3 (the latest version), do I need any intermediate upgrade first? Or, I can upgrade to 6.3 release 22 directly? How can I find do I need upgrade...
View ArticleRestrict SNMP V3 requests from certain devices - CVE-2008-0960
HiI am trying to mitigate CVE-2008-0960 as it says that the screenos software is vulnerable. They suggest to restrict snmp v3 requests to the SSG firewall to only be allowed from certain devices but I...
View ArticleCreating a New Interface Port - SSG140
First off, please forgive my lack of knowledge as we used to have a Network Admin that handled all this however he has since left the company and hasn't been replaced yet... so sadly it falls on me. As...
View ArticleClik here to view.
Technical information required: multiple interfaces on SSG550M
Hello Community, Thi sis my first message here and l hope somebody can share thoughts. We are trying to run an Algosec scan of our SSG firewall from a remote site on a different network.The issue is...
View Article