[j-nsp] Firewall filter for system service ssh on outside interface?
Chris Morrow
morrowc at ops-netman.net
Thu Oct 13 09:42:31 EDT 2011
On 10/13/2011 09:40 AM, Daniel M Daloia Jr wrote:
> Hi Folks,
>
> Is there any reason why I shouldn't allow ssh access to a remote SRX
> with a firewall filter only allowing a single network on an untrust
> (reth) interface? Maybe should create a loopback instead, allow
> system-services ssh, and apply the filter there? My thought for
> using a lo interface is why force all traffic through the filter just
> for a system service?
use the loopback filter.
More information about the juniper-nsp
mailing list