On Thu, Aug 12, 2010 at 04:01:47PM -0700, Quoc Hoang wrote:
> IMHO, ALGS should be disabled by default.
From what I've seen, Juniper started disabling over half of the ALGs in
recent ScreenOS releases (probably the ones that JTAC has indicated
cause more problems than they solve).
I'm a little su
I found the ALGs on the SRX to be unreliable and most time doesn't work. We had
to disable SQL/RPC/SIP ALGs on our SRX3600 (10.1) to get those services working.
IMHO, ALGS should be disabled by default.
quoc
--- On Thu, 8/12/10, Scott T. Cameron wrote:
> From: Scott T. Cameron
> Subject: [j-n
Hello,
I just had a very unusual production outage.
All traffic was flowing through the SRX3400 (in chassis cluster mode) no
problem.
Suddenly, DNS started to fail. Was not passing through the firewall at all
-- all other traffic was.
The resolution was to disable the DNS ALG.
Nothing interes
On Thu, Aug 12, 2010 at 06:20:38AM -0700, Kaj Niemi wrote:
> On 12/8/2010 15:33, "Chuck Anderson" wrote:
>
> > 1. MX shouldn't require Option 82 (relay-agent-option) in order to
> > function as a stateless DHCP Relay Agent (BOOTP Helper), but it does.
> >
> > 2. MX shouldn't get confused and fai
On 12/8/2010 15:33, "Chuck Anderson" wrote:
> 1. MX shouldn't require Option 82 (relay-agent-option) in order to
> function as a stateless DHCP Relay Agent (BOOTP Helper), but it does.
>
> 2. MX shouldn't get confused and fail to function when the edge switch
> has added it's own DHCP Option 82
On Thu, Aug 12, 2010 at 02:17:14AM -0700, Kaj Niemi wrote:
> On 12/8/2010 12:01, "sth...@nethelp.no" wrote:
>
> > We have tested these two commands, both in daily build versions of
> > JunOS and in 10.0S7.1 where it is implemented. These commands seem to
> > do the job, even if they don't solve a
Hi,
On 12/8/2010 12:01, "sth...@nethelp.no" wrote:
> We have tested these two commands, both in daily build versions of
> JunOS and in 10.0S7.1 where it is implemented. These commands seem to
> do the job, even if they don't solve all of our problems.
What other problems remain? Just curious ;-
> This is supposedly fixed in PR/523902 which is resolved in 10.2R2 10.3R1
> 10.1R3 10.0R4 10.4R1. It includes two hidden commands which should allow the
> forwarding of DHCP traffic on interfaces that are not configured for DHCP
> (when using dhcp-relay or dhcp-local-server). I haven't had the tim
8 matches
Mail list logo
