From Junos 12.1X47-D25.4 on SRX240H2: markku@srx> show configuration groups junos-defaults applications # # File Transfer Protocol # application junos-ftp { application-protocol ftp; protocol tcp; destination-port 21; } # # Trivial File Transfer Protocol # application junos-tftp { application-protocol tftp; protocol udp; destination-port 69; } # # Real Time Streaming Protocol # application junos-rtsp { application-protocol […]
Tag: junos
Juniper SRX IPsec LAN-to-LAN VPN Part 2
This is the part 2 of my Juniper SRX IPsec LAN-to-LAN VPN posts. In part 1 we had a simple LAN-to-LAN VPN with only one subnet in each site. In this post we have two subnets in Their Site to illustrate the VPN configuration options. Here is the topology for this post. Their Site is […]
Juniper SRX IPsec LAN-to-LAN VPN Part 1
In this post I will show two flavours of configuring a LAN-to-LAN IPsec VPN tunnel with Juniper SRX: policy-based and route-based. I have been under impression that those ways are mutually exclusive so that only one way is valid for a given endpoint in the opposite side. How wrong have I been. Here is the […]
Juniper SRX Traffic Processing
Some pointers to documentation in juniper.net that describe the traffic processing in Juniper SRX platform: Juniper Networks Devices Processing Overview (Junos 12.1X47) Flow-Based Processing Feature Guide for Security Devices (Junos 12.1X47) SRX Getting Started — Troubleshooting Traffic Flows and Session Establishment (KB16110) Short version of the processing order: Per packet policer Per packet filter For […]
Juniper SRX Old and New DHCP, with Problems
At some point I tried to configure Juniper SRX100 with DHCPv6 server, with no luck. The configurations didn’t just work. I gave up at that time, but returned to the matter some days ago. I realized something in Junos DHCP configurations: people are talking about “old” and “new” ways to configure DHCP server and client […]
Originating Default Route in OSPF in Junos
I have a Junos router (Juniper SRX) with the default route pointing to the ISP (IP and default route assigned by DHCP) and a pair of Cisco Nexus switches with OSPF routing between all the boxes. I needed to originate a default route from SRX to Nexus switches. First, in order to be able to […]
Junos authentication-order Configuration
In Cisco IOS you usually configure RADIUS or TACACS+ authentication with local user database as a backup, and you explicitly define the “local” keyword to tell that the local database is used if external servers are not responding. If the external server says “rejected” then the local database is not consulted. In Junos you use […]
Juniper SRX100 Junos Upgrade Process
Upgrading Junos on Juniper SRX100: JTAC Recommended Junos Software Versions: http://kb.juniper.net/InfoCenter/index?page=content&id=KB21476&smlogin=true Junos downloads for SRX100: https://www.juniper.net/support/downloads/?p=srx100 Copy the new Junos image in a USB memory stick. Plug the USB stick to SRX100. On SRX100, start the unix shell, check the USB stick device name and mount the stick: admin@srx100> start shell % dmesg … umass1: […]