In my network, a Juniper SRX cluster handles all DHCP leases (via an IP helper configured on the switches with DHCP snooping). These are the steps I used to get the DHCP server for SRX devices to work for Windows Deployment Services. Main DHCP Configuration The following configuration is set […]
Read moreQuite often people scan for WordPress installs by checking to see if a HTTP request can be made to /xmlrpc.php. Since I do not run WordPress at all it is low hanging fruit to block the source IP that makes a HTTP request for that to my web servers. The […]
Read moreSometimes you need to execute commands on the secondary node. To do this you can open a session to the remote node from the primary using the command request routing-engine login node X where X is the node ID to login to. As an example: Transferring Files Files can also […]
Read moreThese are the steps I used to get the Juniper SRX user firewall feature working with Active Directory. The end result is I can apply firewall policies based on the username of a user or the group of a user. NOTE: JunOS 17.4R1 or above is required for this feature […]
Read moreMy Juniper SRX devices are configured to send packet captures to a Linux server for further analysis. I have the Linux server exporting its share via NFS which I mount on my PC, that allows me to then browse through the packet captures of attacks using my PC directly and […]
Read moreThe following IDP rule will block SSH brute force attacks. It will be triggered by more than 3 consecutive SSH connections in a row. After the rule has been triggered, the source IP will be banned for a period of 1 hour and the connection to both the client and […]
Read more