[j-nsp] When will ASM/ASPIC configuration gain prefix lists?
Alexander Tarkhov
karabass at gmail.com
Wed Mar 1 04:20:49 EST 2006
Hi Michael,
Looks like you are trying to use the simplest way of configuring it.
However there is a more complex way which is much more flexible.
Try to look at service-filters
[edit firewall family inet service-filter filter-name term term-name from]
I think there you can reference prefix-list.
Also you can take
"then service" or "then skip"
as an action for selected traffic.
http://www.juniper.net/techpubs/software/junos/junos74/swconfig74-services/html/interface-config9.html
Regards,
Alex
On 3/1/06, Michael Loftis <mloftis at wgops.com> wrote:
>
> I'm having a hell of a time deploying the firewall services because of the
> ridiculous lack of prefix lists in the '[edit services statefule-firewall
> rule rule-name term term-name from]' hierarchy. 7.5 still doesn't seem to
> have it, I've passed on multiple requests but they fall on deaf ears.
> Basically without this we get a LOT of configuration errors due to missing
> one or the other since everything else is controlled by prefix lists.
>
> Anyone have any idea when Juniper will get a little clue working on this?
>
> --
> "Genius might be described as a supreme capacity for getting its
> possessors
> into trouble of all kinds."
> -- Samuel Butler
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
* most punctuation intentionally omitted for your temperament.
More information about the juniper-nsp
mailing list