[j-nsp] Firewall filter -EX4500
Morgan McLean
wrx230 at gmail.com
Tue Jul 9 19:52:20 EDT 2013
Correct, it should be 0/0 but also are you doing NAT anywhere? The internet
won't be going to 192.168.x.x directly.
Morgan
On Tue, Jul 9, 2013 at 3:56 PM, Chris Kawchuk <juniperdude at gmail.com> wrote:
> And you can omit the "source-address" (i.e. it ignores the source IP now)
> and it matches all source IP traffic.
>
> from {
> destination-prefix-list {
> F5Traffic-IP;
> }
> then {
> accept;
> }
>
>
>
> On 09/07/2013, at 11:22 PM, Andy Litzinger <Andy.Litzinger at theplatform.com>
> wrote:
>
> > I think your source ip range netmask should be /0, not /32. I.e:
> 0.0.0.0/0
> >
> >
> >>
> >> from {
> >>
> >> source-address {
> >>
> >> 0.0.0.0/32;
> >>
> >> }
> >>
> >> destination-prefix-list {
> >>
> >> F5Traffic-IP;
> >>
> >> }
> >>
> >> }
> >>
> >> then accept;
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
Thanks,
Morgan
More information about the juniper-nsp
mailing list