Category Archives: Juniper SSG (ScreenOS 6.3)

Juniper SSG (ScreenOS 6.3)

Can not access to https management of Juniper SSG vi Chrome (Error code: ERR_SSL_VERSION_OR_CIPHER_MISMATCH)

1 Comment

Can not access to https management of Juniper SSG through Chrome (Error code: ERR_SSL_VERSION_OR_CIPHER_MISMATCH)

A secure connection cannot be established because this site uses an unsupported protocol.
Error code: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Did this work before? Yes Previous version of Google Chrome: 39.0.2171
Resolution 1:
1. Go to the "Chrome://flags" from the address bar.
2. Find "Minimum SSL/TLS" version support"
3. Select " SSLv3" option. 

Resolution 2:
Access to WEB UI of ScreenOS
1. Go to Configuration/Admin/Management
2. Change Cipher to DES-SHA1 / 3DES-SHA1
3. Apply
Juniper SSG (ScreenOS 6.3)

Juniper SSG VIP port range (ScreenOS 6.3.x)

Leave a comment 
Instead of mapping individual ports between virtual IP and real server IP, you can map a
range of ports between them by using the port-range VIP entry feature. You can enable
this feature by using the set interface command:
 

set interface <interface> vip { ip_address | interface_ip } port-range port1  port2 server-ip ip-address2 port-range portx - porty [ protocol TCP | UDP ] [manual]
 

The port-range VIP entry is considered a single entry. The range of ports is from 1  65535.
For example, to map ports from 3 to 20, to ports 43 to 60, using IP address 10.10.10.100
and server IP 10.42.62.100