[j-nsp] Stupid ACL Q & JUNOS 8.0 Q

sthaug at nethelp.no sthaug at nethelp.no
Mon Sep 4 15:46:26 EDT 2006


> I've been searching for an answer to this and I'm a bit befuddled. At
> the moment I'm trying to configure an ACL to prevent SSH attempts from
> outside. It appears I need to do so by configuring a filter under the
> "firewall" configuration area and then apply it to the "input" or
> "output" on "unit 0 family inet" for the interface connected to the
> outside.

This is correct if you want to have the ACL on all traffic passing
through that interface, yes.

> My question is am I correct, or do I have to have the
> stateful firewall license key since the filter is defined under
> "firewall"? Thanks in advance for the newbie Q.

This is a standard (static) ACL, no stateful firewall license needed.

> What is everyone's opinion on JUNOS 8.0 vs 7.6?

Way too early to say. We're still at various releases from 7.3 to 7.6.

Steinar Haug, Nethelp consulting, sthaug at nethelp.no


More information about the juniper-nsp mailing list