Devil in the Defaults

Default settings are the worst. Every systems has them, and they’re great until they’re not. For whatever reasons in the past, my predecessors decided to purchase a bunch of bare-bones HP servers and install Check Point’s firewall software on them. The HP servers were…

SRX High CPU: httpd

Over the past few years of my Juniper SRX adventures, I’ve run into a few cases where the Routing Engine (RE) CPU is pegged at 100%. From what I’ve seen so far, this is typically one of three causes: high traffic (spike in IPS inspection), logging…

Odd Behavior of Protected Switchports

I ran into an interesting issue recently, which was caused by use of the switchport protected command…. So I use a pair of Cisco 2960-8TC-L switches at home, for both my home network and lab. A few months back I ran a bunch of ethernet cabling within my house,…

Juniper SRX VPN Issues

Last year we began migrating from our old Juniper SSG firewalls to the new SRX line. After a few months, I’ve honestly really started to enjoy working with them – so much that we’ve decided to start standardizing our firewall platforms by ditching everything else. So…