[j-nsp] Logging default deny traffic on SSG-550?

Kyle Evans evans.584 at osu.edu
Fri Mar 12 15:23:09 EST 2010

We have those too, and I don't think you can enable logging for the 
default deny.  We get the functionality by making a global deny policy 
and logging it.  Here is the command:

set policy global any any any deny log


TCIS List Acct wrote:
> We've got a pair of Juniper SSG-550's in HA mode running Screen OS 
> 6.1.0r4.0. For the life of me I can't figure out how to enable logging 
> for denied/blocked traffic for the implicit default-deny rule.  I've 
> followed the instructions found in the Screen OS Cookbook with no 
> results.
> Anyone have any pointers?
> Thanks.
> --Mike
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list