[j-nsp] Block externals ip to firewall srx240
Kevin Shymkiw
kshymkiw at gmail.com
Tue Jan 10 14:09:37 EST 2017
My apologies - it is called the junos-host zone at this point:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB24227&actp=search
Kevin
On Tue, Jan 10, 2017 at 10:07 AM, Kevin Shymkiw <kshymkiw at gmail.com> wrote:
> David,
>
> https://www.juniper.net/documentation/en_US/junos12.
> 1x44/topics/concept/security-policy-for-self-traffic-understanding.html
>
> It is called self-traffic-policy. If your version doesn't support this -
> then you would need to do the old school method of using a Firewall Filter
> on Lo0
>
> Kevin
>
> On Tue, Jan 10, 2017 at 9:45 AM, David Samaniego <david1984ba at gmail.com>
> wrote:
>
>> Hi,
>>
>> I have a juniper srx240 in firewall mode, I create a Untrust Zone to
>> control the traffic access from Internet to my LAN. All work fine, but I
>> need to block all the connections to my device for example block the ssh
>> or
>> https. The idea is deny all attempts to manage my device througth
>> internet.
>>
>> I tried to create a policy to deny all the inbound traffic to my ip
>> interfaz(Untrust zone), but don't work and keep allow the access.
>>
>> Any idea to implement my idea.
>>
>> Thanks.
>>
>> Sebastián
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
More information about the juniper-nsp
mailing list