Re: [j-nsp] SRX3600 Problem

Hi Cahit Your assumption about the order of operations seems to be wrong. If the screen is before the filter, then how come the pings are blocked before you start your attack script? Since your initial pings are blocked this means the filter is working (at least during normal loads).. It is

Re: [j-nsp] SRX3600 Problem

hi cahit have you enabled any screens on the interface under attack? regards farrukh On Tue, Apr 21, 2015 at 7:22 PM, Cahit Eyigünlü cahit.eyigu...@spd.net.tr wrote: We are getting a spoofed ip syn attack. When attack starts and over 100K pps our SRX3600 was losting the connection. And we

Re: [j-nsp] SRX to vshield lan2lan

. Regards Farrukh Haroon CCIE-SEC(#20184), JNCIE-SEC (#91) On Thu, Jun 20, 2013 at 7:33 PM, bizza biz...@gmail.com wrote: Hi all, does anyone has setup a lan to lan ipsec vpn between juniper srx and vmware vshield? I tried various configuration, but I still have some problems. [...] root

Re: [j-nsp] srx cluster - control and data link throuigh cisco

cluster with VLAN tagging. So, with the 10.4 release on SRX, you do not have to set the trunk mode with vlan-id 4094 on the interface of EX switches http://kb.juniper.net/InfoCenter/index?page=contentid=KB23995 Regards Farrukh Haroon JNCIE-SEC # 91 On Thu, May 30, 2013 at 3:57 AM, William

Re: [j-nsp] SRX Remote log denied traffic

Hello Mike Was wondering if you can get the deny logs while doing local logging? set system syslog file TEST-DENY any any set system syslog file TEST-DENY match RT_FLOW Regards Farrukh On Fri, Feb 22, 2013 at 4:39 AM, Mike Devlin juni...@meeksnet.ca wrote: So fingers crossed that this is

Re: [j-nsp] Multihoming Using Juniper SRX 240

and User VLANs 4 and 5 go to ISP-B. If any of the ISP is down, all traffic should go through the live ISP. There is an example of using FBF to do this in the SRX Security config guide and in the O'reilly SRX security book (Chapter 11) Regards Farrukh Haroon Riyadh,KSA On Tue, Nov 20, 2012 at 9

Re: [j-nsp] ISG Dropping TCP packets

Dear Nicholas Thanks a lot for sharing this with everybody. Regards Farrukh On Fri, Sep 2, 2011 at 3:29 PM, Nicholas Oas nicholas@gmail.com wrote: An update, this issue is officially PR 677385. JTAC is working on a fix. Since I last posted we have observed the bug on an additional

Re: [j-nsp] IPSEC VPN tunnel is not accepting only SMTP traffic

Is this an ASA Firewall? Try turning off ESMTP fixup on the ASA side. Regards Farrukh On Fri, Jul 2, 2010 at 4:27 PM, Fahad Khan fahad.k...@gmail.com wrote: Hi Folks, I am facing an issue regarding an IPSEC tunnel between ISG1000 and Cisco box, The VPN is up, all traffic is going through