[j-nsp] Firewall filter -EX4500
Brijesh Patel
brju.patel at gmail.com
Tue Jul 9 09:16:36 EDT 2013
Hi All,
EX4500 firewall filter configuration :
Connectivity : F5 Load balancer <----- Ex4500 <------ Internet
I want to configure ex firewall filter configuration , requirement as below
:
1. Allow from any source/internet to specific *destination
address(F5 load balancer) for any* port for the all network address range
(i.e. 192.168.246.1/24). Host are specified in *F5Traffic-IP prefi list*
My configuration as below :
test at lab-EX4500-01# run show configuration firewall family inet filter
incoming_traffic term LB-Traffic
from {
source-address {
0.0.0.0/32;
}
destination-prefix-list {
F5Traffic-IP;
}
}
then accept;
test at lab-EX4500-01# run show configuration policy-options prefix-list *
F5Traffic-IP*
192.168.246.8/32;
192.168.246.9/32;
192.168.246.225/32;
test at lab-EX4500-01> show configuration interfaces vlan.500
family inet {
filter {
input incoming_traffic;
}
address 192.168.246.1/24;
}
Does my configuration will work OR do I need to specify more in destination
port ? Pls suggest.
Many Thanks ,
Brijesh Patel
More information about the juniper-nsp
mailing list