Juniper SRX300 IPv6 tunnel

The SRX300 (and SRX550M) are configured to drop IPv6 traffic by default: see documentation: When IPv6 is configured on SRX300 Series and the SRX550M devices, the default behavior is set to drop mode because of memory constraints.https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ipv6-flow-processing-enabling.html This can be confirmed: admin@CS7-HQ-FW02> show security flow status Flow forwarding mode: Inet forwarding mode: flow based Inet6... Continue Reading →

Juniper SRX – BAD_DUDES

Whilst completing my studies for the JNCIA-Junos exam I was trying various configuration on my SRX110 and decided to expose it to the internet as my LAN 'DMZ host', after a little while I noticed the log filling up with messages like these: Feb 14 11:24:24 2018 CS7-SRX01 sshd: SSHD_LOGIN_FAILED: Login failed for user 'root'... Continue Reading →

tunnel VRF

This post came about after answering a question on CSC regarding tunnels and VRF, and will elaborate on the the use case I suggested. Imagine two sites with multiple VRFs which need to communicate intra-VRF over a public WAN, lets run through the configuration options: Option A Each VRF would require a public IP which... Continue Reading →

Cisco WLC Mobility Groups

Cisco WLC Mobility Groups - Data Path down/ Control Path down Cisco Mobility Group – Anchor : Data Path Down The path of the mobility group EtherIP tunnel between WLCs passes through a single CheckPoint firewall (R77.20), requiring that rules be defined to allow UDP/16666 and TCP/97 traffic to and from the WLCs. I created... Continue Reading →

Blog at WordPress.com.

Up ↑