host-inbound-services?
--
Mike
On Mon, 5 Nov 2018 at 20:24, Mohammad Khalil wrote:
> Hi all
> I have configured an IPSEC tunnel between two SRX boxes
> I can see the tunnels are up from both firewalls but the ICMP is working
> from one end and not working from the other end!
>
> I have checked
Are you looking for a broadcom based system?
Mike G
On 22 August 2018 at 12:07, vivek sharma via juniper-nsp <
juniper-nsp@puck.nether.net> wrote:
> Hi Experts,
> I just have a small query , Is juniper MX204 platform based of broadcom
> chipset ?
> __
Hi Mike,
An MX104 can certainly give you all those features. Be aware CGNAT needs an
MS-MIC and flow exports require a license.
You might be able to get the base bundle under $20k but add the extras and
it will be over.
Mike G
On 10 April 2018 at 11:45, wrote:
> Greetings,
>
> I am lookin
Probably easier to write your own converter.
Mike
> On 10 Nov 2017, at 21:46, sameer mughal wrote:
>
> Hi,
> Can anyone please share me any good converter from SSG to firepower
> firewall configuration.
>
> I was cisco tool but it is not working and support email address is also
> not replyin
I suggest stream logging:
https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/security-system-stream-security-log-revenue-port-setting.html
We use this on every SRX we have for traffic logging.
Regards
Mike
> On 19 Jun 2017, at 21:45, Aaron Gould wrote:
>
> I'm trying
ing
> 319/335-5751 FAX: 319/384-0549 1256 Seamans Center
> Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
> #include
> Better is not better, 'standard' is better. B{
> ___
> juniper-nsp mailing list juniper-
o downgrade code to get older models to
> support it as well.
>
> Sent from my iPhone
>
> > On Oct 28, 2016, at 00:59, Michael Gehrmann
> wrote:
> >
> > Hi James,
> >
> > I'm only aware of Palo Alto and Juniper supporting this function. The
> next
tination ip address, port and
> protocol
> - policy enforcement with action at least like allow, deny, reject
> - policy enforcement based on user role
>
> Cheers
> James
>
>
> -
>
> 2016-10-28 7:21 GMT+02:00 Michael Gehrmann :
>
>> Hi James,
>>
ould do something. I’m
> wondering if there are (cheaper) alternative…
>
>
> Thanks in advance
>
>
> Cheers
>
> James
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman
gt;
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
Michael Gehrmann
Senior Network Engineer - Atlassian
m: +61 407 570 658
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
t;
> }
>
> }
>
> }
>
> interfaces {
>
> xe-1/0/0 {
>
> description WAN-ExternalSW-0303;
>
> gigether-options {
>
> 802.3ad ae0;
>
> }
>
> }
>
> xe-2/0/0 {
>
>
You could try adding a /32 route to the collector in the master (inet.0)
routing table with next-table management.inet.0
Mike
> On 27 Jul 2016, at 02:38, Jason Lixfeld wrote:
>
> Does anyone know if it’s possible to have sflow export to a collector via a
> routing instance? My collector is
What am I missing?
>
> --
> Victor Sudakov, VAS4-RIPE, VAS47-RIPN
> sip:suda...@sibptus.tomsk.ru
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
Michael Gehrmann
Senior Network En
ps/ids/security which will be fine at lower levels.
>
>
> Thanks,
> Payam
>
>
>
>
> On 2016-04-14, 3:45 PM, Michael Gehrmann wrote:
>
> +1 for for Dave's comment. You can only survive until your upstream is
> congested.
>
> Mike
>
> On 15 April 2016
___
> > > juniper-nsp mailing list juniper-nsp@puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/juniper-nsp
> > ___
> > juniper-nsp mailing list juniper-nsp@puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
Michael Gehrmann
Senior Network Engineer - Atlassian
m: +61 407 570 658
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
op of the other
> > route server member. When doing a show route it is showing the next hop
> as
> > the IP of the route server itself. As you can imagine, it is not passing
> > traffic correctly.
> >
> >
> >
> > We have set the next hop self on the export
VCCP is basically IS-IS. It's not controllable but you can see what it's doing
in terms of its routing.
Mike
> On 7 Apr 2016, at 21:33, james list wrote:
>
> Dear experts,
> I'm looking information about load balancing inside a virtual chassis of
> QFX.
>
> Let's immagine a square topology VC
zsIQ
> aduF+ZvivduC+fAHLFAoERp4YCJu8l2LW7gWlO9euC8rSThbphGOSf93kOXvZ0/X
> FCogcBU5/uAQRMLmz1wcJX/ztUCRcYF4qLzvyQPhfkYzbyqWNJeymJP6Rzt0iDyE
> MkwilgIO3+DhSlSMTXt0+0t+mTxjrl7rhppC5ESNA2dzHzxiNpbgHDviXnKB5/V8
> 52PqnPaoIQlEWTZnVvRqsGvKhUgCPQqpMHAvxMJKNogM/
nos
> versions ?
>
> BR.
>
>
>
> 2016-02-29 7:21 GMT+01:00 Michael Gehrmann :
>> Nothing public yet.
>>
>>
>>> On 29 Feb 2016, at 17:11, Youssef Bengelloun-Zahr wrote:
>>>
>>> Hi,
>>>
>>> So you Have a DEFECT
Nothing public yet.
> On 29 Feb 2016, at 17:11, Youssef Bengelloun-Zahr wrote:
>
> Hi,
>
> So you Have a DEFECT or PR ID for this ?
>
> BR.
>
>
>
>> Le 28 févr. 2016 à 23:45, Michael Gehrmann a écrit
>> :
>>
>> SRX650 - 12.1X46-D
rds.
>
>
>
> > Le 28 févr. 2016 à 23:27, Michael Gehrmann a
> écrit :
> >
> > We have had the same issue on branch series. Juniper is asking us to run
> a
> > debug version of code. I suggest you contact JTAC.
> >
> > Cheers
> > Mike
&g
> nAaEuoH57zS1e49hPiwBg6fObDEeC6F5psvtFuIGFQl7PRUX1K0IkXGit0rz/OnP
> yyaKFIOMEYM=
> =2HMm
> -END PGP SIGNATURE-
>
> _______
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
Michael Gehrmann
Senior Networ
er-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
--
Michael Gehrmann
Senior Network Engineer - Atlassian
m: +61 407 570 658
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
verview-mx-series.html#jd0e76
On 15 December 2015 at 10:00, james list wrote:
> Hi Mike
> Does ms-mpc support l2 encryption?
>
> Indeed I was thinking mac-sec at 40/100gbs...
>
> Cheers
> James
> Il 14/Dic/2015 23:47, "Michael Gehrmann" ha
> scritt
s
> Il 14/Dic/2015 23:24, "Michael Gehrmann" ha
> scritto:
>
>> For those speeds you are better off getting the traffic encrypted by the
>> end hosts/servers. Pushing encryption to the network will be more expensive.
>>
>> Mike
>>
>> > On 1
For those speeds you are better off getting the traffic encrypted by the end
hosts/servers. Pushing encryption to the network will be more expensive.
Mike
> On 15 Dec 2015, at 02:15, james list wrote:
>
> Dear experts,
>
> a customer of mine is asking for LAN encryption at 40Gbs (with possib
this is related to my setup at all.
> If this is related to a minimum software version please let me know.
>
> kind regards
> Rolf
>
>
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.
ing
> through anything else you want in terms of transit traffic via security
> policies.
>
>
>> Regards
>>
>>
>> Wayne
>>
>
> --
> Hugo
>
> h...@slabnet.com: email, xmpp/jabber
> PGP fingerprint (B178313E):
> CF18 15FA 9FE4 0CD1 2319 1D77 9
hen SPU is highly loaded I can see the
> latency going up...
>
> Should be some (hidden?) command somewhere... =)
>
> //Regards, Niklas
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailma
t
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
Michael Gehrmann
Senior Network Engineer - Atlassian
m: +61 407 570 658
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
x27;t
forward traffic or participate in the VC.
Michael Gehrmann
Hosting Support Specialist - Networks
Macquarie Telecom
-Original Message-
From: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of R
LAS
Sent: Thursday, 27 November 2014 11:38 PM
To: Bouzemarene, Fari
Guide if you have any queries on how VC works.
Regards
Michael Gehrmann
Hosting Support Specialist – Networks
Macquarie Telecom
-Original Message-
From: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of
Edwardo Garcia
Sent: Tuesday, 25 November 2014 4:11 PM
To
/reasons for doing this I can't comment more.
Cheers
Michael Gehrmann
Hosting Support Specialist - Networks
Macquarie Telecom
-Original Message-
From: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of
Levi Pederson
Sent: Saturday, 22 November 2014 3:59 AM
To: junipe
bandwidth-limit 100m
set firewall policer 100M-Limit if-exceeding burst-size-limit 10m
set firewall policer 100M-Limit then discard
-Original Message-
From: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of
Michael Gehrmann
Sent: Wednesday, 3 September 2014 9:57 AM
You can make use of policers and use them once or many times.
Every model should support policers however my experience has been on EX4200 &
EX4500.
Example from http://www.juniperlab.info/p/interface-rate-limit-on-ex.html:
1. Configure the policer
root@juniperlab# set firewall policer Policer
Hi Ben,
I believe this document on the juniper site is what you were looking for.
http://www.juniper.net/techpubs/en_US/junos12.1/topics/concept/junos-cli-wildcard-characters-configuration-groups-usage.html
Cheers
Mike
-Original Message-
From: juniper-nsp [mailto:juniper-nsp-boun...@puc
Hi Tobias,
To put it simply your alternative option 2 would work. We use an Internet
table/vrf to collect CE routes and then import a default from the Internet
table into the CE vrf. To make it easy we add communities to the routes for
easy identification.
Regards
Mike
-Original Message--
37 matches
Mail list logo