Author: rtoodtoo
Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN
// JNCIE-SEC #223 / RHCE / PCNSE
RtooDtoo.net has been viewed 160.000 times in 2014 according to the JetPack statistics. I have also made site statistics public at http://jetpack.me/annual-report/26225264/2014/ I must say that I really liked this yearly report which also shows me an overview about what I have done in the past years. However, I am far behind my target and still
Read More »
If you haven’t seen so far and are preparing for JNCIE-SEC exam, you shouldn’t miss this news. Beginning February 24, new exam will also include AppSecure topic. Check this link out : http://www.juniper.net/us/en/training/certification/es_track.page
If you have ever configured syn-flood screen on an SRX box, you might have asked yourself which one of these methods you should choose. Here I would like to show the effect of each option in session table. Configure syn-flood as below; {primary:node0} root@CO-A-1> show configuration security screen ids-option protect-web { tcp { syn-flood {
Read More »
Internet isn’t perfect and we may have link failures from time to time. How do we react to these failures? Manually or we have an automatic way. I would like to show on this post how Junos can take action upon an upstream gateway reachability issue and how SRX flow behaves in such a scenario.
Read More »
When I was a junior engineer, I used to go to customer sites to install leased line modems and perform the initial quality checks of the lines. The most critical moment after provisioning the line was sending the first 100 ICMP packets to see if there is any packet loss or not and even if
Read More »
It has been more than a month that I couldn’t write a single post. Previously I was able to find time to do some experiments when I come home. However after the recent silly attack to my poor RtooDtoo.net server, it took me really time to bring it back on its feet. I have still
Read More »
You can configure address book objects in various part of the configuration on SRX. Because we have several options, we need to know where we can use which address books. To explain address books simply, I have drawn the following graph. Group A This group contains the zone specific address book object and the configuration
Read More »
During my second JNCIE-SEC study and after another unfortunate failure, I stepped back a little bit. Sometimes I need to break for a while to recharge my battery. I am still not sure if I am fully re-charged though but I have to move on. As my little doughter already went to bed, 🙂 I
Read More »
As you might know, Junos 12.1X47-D10.4 for Firefly has been released recently. What makes this release unique is that it supports some features that we looked forward to, for example; IDP UTM Transparent Mode ESX 5.5 support and it is also worth mentioning that subscription services don’t require license during 60-day evaluation period as mentioned
Read More »
On SRX CLI, you can also manage AX411 Wireless Access Point. Configuration isn’t very difficult but if you don’t have prior experience it may look like a bit cumbersome. Below I will try to show how you can configure one of these access points if you ave just got one of these devices. This post
Read More »
You must be logged in to post a comment.