Poster noted:
When connecting a laptop I can access the GW as well as the Internet But the box itself is not even reaching the GW!
Sounds like either host-inbound-traffic or policies for the junos-host zone may be in order.
-- Hugo Slabbert | email, xmpp/jabber: [email protected] pgp key: B178313E | also on Signal On Thu 2019-Jan-17 08:39:20 +0000, Niall Donaghy <[email protected]> wrote:
Hi Mohammad, What Catalin said. Eg: set security policies from-zone trust to-zone untrust policy permit-all match source-address any set security policies from-zone trust to-zone untrust policy permit-all match destination-address any set security policies from-zone trust to-zone untrust policy permit-all match application any set security policies from-zone trust to-zone untrust policy permit-all then permit set security zones security-zone trust interfaces ge-0/0/7.0 set security policies from-zone untrust to-zone trust policy permit-all match source-address any set security policies from-zone untrust to-zone trust policy permit-all match destination-address any set security policies from-zone untrust to-zone trust policy permit-all match application any set security policies from-zone untrust to-zone trust policy permit-all then permit set security zones security-zone untrust interfaces ge-0/0/0.0 Br, Niall -----Original Message----- From: juniper-nsp [mailto:[email protected]] On Behalf Of Catalin Dominte Sent: 17 January 2019 00:07 To: Eldon Koyle <[email protected]>; Mohammad Khalil <[email protected]> Cc: Juniper List <[email protected]> Subject: Re: [j-nsp] SRX300 Issue Check your security policies as nothing is allowed by default with the SRX. Add permit statements, create security zones and add interfaces to security zones. Then it will work. Catalin Dominte Senior Network Consultant Nocsult Ltd | 2 Cambridge House | Gogmore Lane | Chertsey | KT16 9AP | Phone: +44 (0)1628 302 007 VAT registration number: GB 180957674 | Company registration number: 08886349 P Please consider the environment - Do you really need to print this email? THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the email and its attachments from all computers. On 16/01/2019, 23:29, "juniper-nsp on behalf of Eldon Koyle" <[email protected] on behalf of [email protected]> wrote: Hello, I don't see any attachments. It is possible that the list is configured to remove them. -- Eldon On Wed, Jan 16, 2019 at 3:10 AM Mohammad Khalil <[email protected]> wrote: > > Dears > Hope this finds you well > I have been struggling with a new Juniper SRX300 since a while with no luck > The setup is so easy , static IP address from the WAN > When connecting a laptop I can access the GW as well as the Internet > But the box itself is not even reaching the GW! > I did also an upgrade for the firmware > Attached is the current conf file > > Appreciate ur input > _______________________________________________ > juniper-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
signature.asc
Description: Digital signature
_______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
