ScreenOS Firewalls (NOT SRX)
Highlighted
ScreenOS Firewalls (NOT SRX)

slow Internet connection

‎12-18-2018 07:05 AM

Hi,

My Internet connection is very slow, my provider is able to see many traffic that fill the bandwidth.
On Juniper, Is it possible to have information about this traffic, (client IP, protocol, time etc) in order to analize the problem?

My Hardware Version: REV 12(0)    Firmware Version:6.3.0r21.0 (Firewall+VPN)

thank you

2 REPLIES 2
ScreenOS Firewalls (NOT SRX)

Re: slow Internet connection

‎12-18-2018 03:53 PM

In the mgmt web interface on the ScreenOS firewall you will want to look at the logs for the trust to untrust policy. 

Menu: Policy > Policies

on the list find the trust to untrust section

In the middle options column click on the grid icon to open up the logs with traffic details

 

If the grid icon is not desplayed, edit the policy  using the button nearer the right side and turn on logging by checking the box.  This will start collecting logs then going forward.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
ScreenOS Firewalls (NOT SRX)

Re: slow Internet connection

‎12-18-2018 04:16 PM

Depending on the device type, you can run a few things.  If it is an SSG, then you can use the following.

 

set pps. -- Turns on packets per second counting

get pps -- Displays information

 

You can also do a packet profile that will show what is sending the majority of the traffic.

 

set fprofile packet en
set fprofile vector en
set fprofile packet start
# <wait for a few seconds>

set fprofile packet stop


get fprofile packet
get fprofile packet ip
get fprofile packet ip dport
get fprofile packet ip dst-ip
get fprofile packet ip sport
get fprofile packet ip src-ip
get fprofile packet ip proto