Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  Unstrust to trust and dhcp isp

    Posted 12-03-2012 04:21
      |   view attached

    Hello,

    I'm new to juniper and I want a little help.

     

    I try to connect to my synology with port 5000 which is "trust" but I can not.

    According to what I read, I tried parramétrer "VIP" because I do not have a fix address from my ISP.

     

    I tried many solution but I can not do 😞

    I really hope someone can help me out 🙂 I'd really appreciate it.

     

    PS: Sorry for my poor english 😕

    Attachment(s)

    txt
    juniper_cfg.txt   5 KB 1 version


  • 2.  RE: Unstrust to trust and dhcp isp
    Best Answer

    Posted 12-03-2012 06:10

    HI 

     

    I checked your config and it looks ok except where you have defined the service.

     

    set service "SYNOLOGY" protocol tcp src-port 5000-5000 dst-port 5000-5000 
    set service "SYNOLOGY" + udp src-port 5000-5000 dst-port 5000-5000

     

    is the source port really limited to 5000 . Usually the source port would be 0 - 65535 range. I would recommend to check if the source port for the traffic sent is really set to 5000. 

     

    Also if you are using multiple ports in a VIP, you need to use the recommendation in the following KB . See option 2 in the KB.

     

    [KB21114] - [ScreenOS] Address translation of packets are coming for the same TCP and UDP port

     

    Hope it helps. 

     

    Regards

     



  • 3.  RE: Unstrust to trust and dhcp isp

    Posted 12-03-2012 06:20

    Arffff....yes, that's it 😉

     

    thanks for all !!!!!!!!