From Junos 12.1X47-D25.4 on SRX240H2: markku@srx> show configuration groups junos-defaults applications # # File Transfer Protocol # application junos-ftp { application-protocol ftp; protocol tcp; destination-port 21; } # # Trivial File Transfer Protocol # application junos-tftp { application-protocol tftp; protocol udp; destination-port 69; } # # Real Time Streaming Protocol # application junos-rtsp { application-protocol […]
Tag: juniper
IPsec VPN Tunnel between F5 BIG-IP and Juniper SRX
This post is an example of configuring an IPsec tunnel with F5 BIG-IP. In the diagram below the IPsec tunnel is configured between SRX210 (Junos 12.1X47-D20.7) and F5 BIG-IP (11.6.0 HF5-ENG11). F5 BIG-IP is connected here in one-arm setup. The SRX240 is not “an interesting device” in this demonstration. It is just a firewall and […]
Juniper SRX IPsec LAN-to-LAN VPN Part 2
This is the part 2 of my Juniper SRX IPsec LAN-to-LAN VPN posts. In part 1 we had a simple LAN-to-LAN VPN with only one subnet in each site. In this post we have two subnets in Their Site to illustrate the VPN configuration options. Here is the topology for this post. Their Site is […]
Juniper SRX IPsec LAN-to-LAN VPN Part 1
In this post I will show two flavours of configuring a LAN-to-LAN IPsec VPN tunnel with Juniper SRX: policy-based and route-based. I have been under impression that those ways are mutually exclusive so that only one way is valid for a given endpoint in the opposite side. How wrong have I been. Here is the […]
Juniper SRX Traffic Processing
Some pointers to documentation in juniper.net that describe the traffic processing in Juniper SRX platform: Juniper Networks Devices Processing Overview (Junos 12.1X47) Flow-Based Processing Feature Guide for Security Devices (Junos 12.1X47) SRX Getting Started — Troubleshooting Traffic Flows and Session Establishment (KB16110) Short version of the processing order: Per packet policer Per packet filter For […]
Juniper SRX Old and New DHCP, with Problems
At some point I tried to configure Juniper SRX100 with DHCPv6 server, with no luck. The configurations didn’t just work. I gave up at that time, but returned to the matter some days ago. I realized something in Junos DHCP configurations: people are talking about “old” and “new” ways to configure DHCP server and client […]
Originating Default Route in OSPF in Junos
I have a Junos router (Juniper SRX) with the default route pointing to the ISP (IP and default route assigned by DHCP) and a pair of Cisco Nexus switches with OSPF routing between all the boxes. I needed to originate a default route from SRX to Nexus switches. First, in order to be able to […]
Juniper SRX100 Junos Upgrade Process
Upgrading Junos on Juniper SRX100: JTAC Recommended Junos Software Versions: http://kb.juniper.net/InfoCenter/index?page=content&id=KB21476&smlogin=true Junos downloads for SRX100: https://www.juniper.net/support/downloads/?p=srx100 Copy the new Junos image in a USB memory stick. Plug the USB stick to SRX100. On SRX100, start the unix shell, check the USB stick device name and mount the stick: admin@srx100> start shell % dmesg … umass1: […]
Juniper SRX100 Traceoptions Performance
I have a 50Mbit Internet connection here at home and I’m having a Juniper SRX100 routing it. I just noted that I did not remember to remove the traceoptions configuration and it was affecting the performance on the SRX100. Here is the quick summary and comparison: With the following traceoptions: [edit] admin@srx100# show security flow […]
Juniper SRX100 and HE IPv6 Tunnel
“And now something totally different” I bought a Juniper SRX100 as my Buffalo access point/router did not keep up with my upgraded Internet connection speed. I hadn’t used Junos practically at all before that so that world was new for me. I had some specific requirements for my new router: Size (small enough to fit […]