[j-nsp] Logging default deny traffic on SSG-550?

Kyle Evans evans.584 at osu.edu
Fri Mar 12 15:23:09 EST 2010


We have those too, and I don't think you can enable logging for the 
default deny.  We get the functionality by making a global deny policy 
and logging it.  Here is the command:

set policy global any any any deny log


Kyle



TCIS List Acct wrote:
> We've got a pair of Juniper SSG-550's in HA mode running Screen OS 
> 6.1.0r4.0. For the life of me I can't figure out how to enable logging 
> for denied/blocked traffic for the implicit default-deny rule.  I've 
> followed the instructions found in the Screen OS Cookbook with no 
> results.
>
> Anyone have any pointers?
>
> Thanks.
>
> --Mike
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>


More information about the juniper-nsp mailing list