Here are two handy firewall filters to apply to any internet facing interface on your JUNOS network device. BOGON List – Apply as input on Internet facing interface – You should also add any Public Address space that you have inside your network [plain] set firewall family inet filter BOGON-DENY term discard-bogon-net from source-address 10.0.0.0/8 [ View Post… ]
Handy Internet Interface JUNOS Firewall Filters
JUNOS Chassis Cluster Node Connectivity
If you are unfortunately working on a JUNOS chassis cluster that does not have the out-of-band management patched (fxp0) then you must use an alternate way to connect to specific nodes and copy files. You are able to copy files and login from to the non active node via the following methods. To copy files [ View Post… ]
JUNOS AppSecure now on Branch SRXs
So application identification / firewall / secure has made it way to the branch. This is awesome news. So I have managed to obtain a 30 day trial to see how it performs on my home SRX100. With ym simple rule base I have seen 1ms increase in my latency!! After adding the license you [ View Post… ]
MiToken + Junos Two Factor Radius Authentication
Do you have Junos devices? If you do, excellent choice. Do you have MiToken? Once again, love your work there. If you don’t have MiToken, it’s a plug-in to the M$ IAS/NPS servers that allows mutiple types of hard and soft tokens to be used allowing secure OTPs with dual factor authentication with your Active [ View Post… ]
Juniper SRX Chassis Cluster + LACP Redundant Eth Interfaces
So a co-worker and I spent some time playing around with JunOS 11’s (I believe it came in with 11 – correct me if wrong) reth’s ability to now be LACP interfaces, as well as just plain redundant. It was not immediately clear how the switch was required to be set up in order to [ View Post… ]
Recent Comments