[j-nsp] tcp reset on srx
Ben Dale
bdale at comlinx.com.au
Tue Jan 17 00:07:50 EST 2012
Ashish,
On 17/01/2012, at 1:19 PM, ashish verma wrote:
> In our SRX deployment I am seeing an issue where client does not receive a
> ICMP message back after getting denied by the policy.
>
> I can see that packet got dropped by the policy and SRX generates the
> tcp-rst but client does not receive anything.
Can you confirm that your policy action is "reject" and not "deny"? Otherwise the traffic will be dropped silently.
Cheers,
Ben
More information about the juniper-nsp
mailing list