[j-nsp] Issues with 7.2R1.7 and Firewall Filters
Laura McDonnell
lauram at canterbury.ac.uk
Tue Sep 13 05:46:29 EDT 2005
I am currently setting up the configuration for a M7i router and have come
across some difficulty with the firewall filters for GRE.
I have configured them similar to cisco but when I look at the firewall logs
I am seeing hits against the inbound filter but none against the outbound
filter. When I remove the inbound filter all works fine. I am slightly
confused at the configuration I should be using currently I have the
following setup.
Inbound
term GRE {
from {
source-address {
y/32;
}
destination-address {
x/32;
}
protocol gre;
}
then {
count GRE;
log;
accept;
Outbound
term GRE {
from {
source-address {
x/32;
}
destination-address {
y/32;
}
protocol gre;
}
then {
count GRE;
log;
accept;
}
interfaces {
gr-1/2/0 {
unit 0 {
description Tunnel;
tunnel {
source x;
destination y;
}
family inet;
}
Can somebody please confirm my configs are correct and explain why I am not
able to run the tunnel when I have this configured.
More information about the juniper-nsp
mailing list