Memorise

Archive for the ‘Firewall’ Category

Netstat Command

The netstat command, it can show details about individual network connections, overall and protocol-specific networking statistics, and much more, all of which could help troubleshoot certain kinds of networking issues. Netstat Command Syntax netstat [-a] [-b] [-e] [-f] [-n] [-o] [-p protocol] [-r] [-s] [-t] [-x] [-y] [time_interval] [/?] How to Read Command Syntax Netstat Command List Option Explanation […]

Juniper Hardware LED check

{primary:node1}enroute@SRX> show chassis craft-interface node0: Front Panel System Indicator: Routing Engine 0 OK * Front Panel Alarm Indicator: RED *ORANGE . Front Panel HA Indicator: RED .ORANGE .GREEN * Front Panel PS Indicator: PS 0 RED .GREEN * node1: Front Panel System Indicator: Routing Engine 0 OK * Front Panel Alarm Indicator: RED .ORANGE . […]

JunOS: Cleanup Storage Space

Sometimes you will want to install a switch or router update, and you will find that there is not enough space: root@Switch01> request system software add /var/tmp/ex-2300-18.3R1.9.tgz reboot ERROR: estimate of space required: 115 Mbytes, available: 89 Mbytes One option is to request a ‘cleanup’. The dry-run option below lists the files that are candidates to be […]

Troubleshooting a Site to Site VPN on a SRX

1. Confirm Configuration First of all check the VPN configuration. This is also useful if and when you need to confirm the Phase 1 and Phase 2 parameter’s with the remote end. admin@srx> show configuration security ikeadmin@srx> show configuration security ipsec {loadposition content_lock} 2. Confirm Phase 1 To confirm the successful completion of Phase 1 […]

Juniper SRX – Configuring BT FTTP PPPoE

This configuration is set up on Juniper SRX 340 running JUNOS 20.2R1.10 Note: The username is the same for everyone btbusinesshub@business.btclick.com password is anything chap authentication method outside/untrust interface being ge-0/0/7.0 set interfaces ge-0/0/7 unit 0 encapsulation ppp-over-ether –Optional — set security zones security-zone Internet interfaces pp0.0 host-inbound-traffic system-services pingset security zones security-zone Internet interfaces […]

Juniper SRX certificate ‘aamw-srx-cert’: certificate does not exist

error: certificate ‘aamw-srx-cert’: certificate does not exist .error: trusted-ca ‘aamw-cloud-ca’ does not exist!error: trusted-ca ‘aamw-secintel-ca’ does not exist! Error: {primary:node0}[edit]root# commit and-quit[edit security pki]‘ca-profile aamw-secintel-ca’Missing mandatory statement: ‘ca-identity’[edit security pki]‘ca-profile aamw-cloud-ca’Missing mandatory statement: ‘ca-identity’error: commit failed: (missing mandatory statements) FIX: {primary:node0}[edit]root# delete security pki {primary:node0}[edit]root# commit and-quitwarning: You have changed enhanced services mode.You must reboot […]

Install Software via CLI (from Junos software copied to USB stick)

Follow these steps to install the software via the CLI from a USB stick: Download the Junos upgrade file to the USB stick.  Locate the USB device ID that Junos is associating to the USB stick:user@srx> start shell user@srx% ls /dev/ > /var/tmp/before_USB.txt Insert the USB device into the USB slot.  For example, slot 0 would return the following:root# umass0: […]

Email spoofing

The goal of email spoofing is to trick the user into thinking an email is from a known and trusted source. Spoofing is done through the manipulation of email elements that are visible to the recipient, primarily the “Body From” field. A spoofed email can be partial or full: Partial Spoof: A partial spoof occurs when […]