General off-topic discussions.
User avatar
Vito_Corleone
Moderator
Posts:
9850
Joined:
Mon Apr 07, 2008 10:38 am
Certs:
CCNP RS, CCNP DC, CCDP, CCIP

Re: Juniper NetScreen Firewall 5GT

Sun Apr 08, 2012 9:01 am

burnyd wrote:
Vito_Corleone wrote:I fucking hate ScreenOS. I'm working on a migration from SSG to ASA and it's hell.


wtf? You are prolly the first person I have ever heard say anything like that.

The benefit to ScreenOS in my experiences is its pretty damn easy and almost anyone can work with it. The cli is crap but the GUI is pretty nice. Where I used to work we switched over to SRX's which are all about cli and the GUI isnt the best not that it bothered me working with Junos in the past. But I feel the Netscreens are great especially for their age.


Maybe I'm crazy, but nothing is easy with those things. Hell, even finding NAT config from the GUI is a pain in the ass and seems hidden. Am I using an old version or something?
http://blog.alwaysthenetwork.com

User avatar
mellowd
CCIE #38070
Posts:
13814
Joined:
Wed Jun 18, 2008 7:49 am
Certs:
CCIE (RS,SP), JNCIE-SP, BC-/SPNE/NP

Re: Juniper NetScreen Firewall 5GT

Sun Apr 08, 2012 10:39 am

Nat is easy. Go to policy - advanced - NAT

User avatar
Vito_Corleone
Moderator
Posts:
9850
Joined:
Mon Apr 07, 2008 10:38 am
Certs:
CCNP RS, CCNP DC, CCDP, CCIP

Re: Juniper NetScreen Firewall 5GT

Sun Apr 08, 2012 10:49 am

But I have to do that for each policy, no?
http://blog.alwaysthenetwork.com

User avatar
mellowd
CCIE #38070
Posts:
13814
Joined:
Wed Jun 18, 2008 7:49 am
Certs:
CCIE (RS,SP), JNCIE-SP, BC-/SPNE/NP

Re: Juniper NetScreen Firewall 5GT

Sun Apr 08, 2012 11:19 am

If you do it via policy yes. If you do it via interface you don't need to

User avatar
Vito_Corleone
Moderator
Posts:
9850
Joined:
Mon Apr 07, 2008 10:38 am
Certs:
CCNP RS, CCNP DC, CCDP, CCIP

Re: Juniper NetScreen Firewall 5GT

Sun Apr 08, 2012 11:32 am

Well shit, that definitely makes things easier, thanks!

For the record though, that's not very intuitive and I still hate this shit. There should be a big fucking button labeled NAT, like every other firewall.
http://blog.alwaysthenetwork.com

User avatar
dieselboy
Post Whore
Posts:
2731
Joined:
Tue Aug 05, 2008 6:36 am
Certs:
CCNP, CCNA Voice, SMB Select, Linux+

Re: Juniper NetScreen Firewall 5GT

Sun Apr 08, 2012 7:42 pm

Vito_Corleone wrote:Well shit, that definitely makes things easier, thanks!

For the record though, that's not very intuitive and I still hate this shit. There should be a big fucking button labeled NAT, like every other firewall.


/lol/
Meanwhile, back in the city...

'
Previous

Return to Forum Lobby

Who is online

Users browsing this forum: No registered users and 13 guests