SRX Services Gateway
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
JNSSJNSS
Contributor
JNSSJNSS
Posts: 28
Registered: ‎03-28-2009
0
Accepted Solution

SRX Problems

Options

‎09-17-2009 09:46 PM

1.When I enable UTM policies internet surfing gets dead slow. Why?

2. How to Block Application sets- Like Peer-peer sites,KAAZAA,edonkey,limewire.

 3. Logging - How can I get detailed logging for ip based website access

Message 1 of 3 (3,781 Views)
 
Reply
Distinguished Expert
Distinguished Expert
Screenie
Posts: 945
Registered: ‎01-10-2008
0

Re: SRX Problems

Options

‎09-18-2009 01:40 AM

1) Try this in you config

 

set security flow traceoptions file flowtrace size 5 files 2

set security flow traceoptions flag basic-dtapath

set security packet-filter my_filter source-prefix <source-ip>

commit

 

Then try to browse and look in the output from the trace with show log flowtrace to see what's going on.

 

when you're ready: rollback 1 to disble the tracing

 

2) In the IDP module you can do application recognition en set the block action

 

3) set logiing to your policy and review in the rtlogd log file.

   To enable loging set log session-close on the permit level of the policy (then log session-close) 

   To view the log: show log rtlogd

 

 

 

 

best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Message 2 of 3 (3,770 Views)
 
Reply
Distinguished Expert Distinguished Expert
Distinguished Expert
rkim
Posts: 755
Registered: ‎11-06-2007
0

Re: SRX Problems

Options

‎09-24-2009 11:45 PM

How much BW do you have for your Internet connection? Reason I ask is if you are constantly utilizing max bandwidth then your SurfControl web-filtering check traffic will also need to contend with that traffic. SurfControl will use UDP 9020 so it could take some time before the UF receives a response which will slow down your web surfing. One thing that can be done to help is to maximize your cache size and duration to decrease the amount of UF traffic, though that really would only help if you surf same sites constantly. If I find any other things that could help, I'll let you know.

 

-Richard

Message 3 of 3 (3,669 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.