[j-nsp] Block externals ip to firewall srx240

Kevin Shymkiw kshymkiw at gmail.com
Tue Jan 10 14:07:34 EST 2017


David,

https://www.juniper.net/documentation/en_US/junos12.1x44/topics/concept/security-policy-for-self-traffic-understanding.html

It is called self-traffic-policy.   If your version doesn't support this -
then you would need to do the old school method of using a Firewall Filter
on Lo0

Kevin

On Tue, Jan 10, 2017 at 9:45 AM, David Samaniego <david1984ba at gmail.com>
wrote:

> Hi,
>
> I have a juniper srx240 in firewall mode, I create a Untrust Zone to
> control the traffic access from Internet to my LAN. All work fine, but I
> need to block all the connections to my device for example block the ssh or
> https. The idea is deny all attempts to manage my device througth internet.
>
> I tried to create a policy to deny all the inbound traffic to my ip
> interfaz(Untrust zone), but don't work and keep allow the access.
>
> Any idea to implement my idea.
>
> Thanks.
>
> Sebastián
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp


More information about the juniper-nsp mailing list