Well, the fact that I'm terminating the tunnel helps. :-)
Basically, I want to apply an output filter on the tunnel interface to
filter packets leaving the tunnel towards a local subnet.
--
matt
Stefan Fouant wrote:
On Wed, Jan 28, 2009 at 1:06 PM, Matt Stevens <m...@elevate.org
<mailto:m...@elevate.org>> wrote:
Hello everyone.
I'm trying to apply a filter to traffic that's entering a router via
an IPSec tunnel. It doesn't seem like applying the filter to the
services interfaces has any effect. I've thought about using the
from interface condition in the filter, but I have a fair number of
IPSec interfaces to apply this against which makes for a lot of
individual terms.
Any suggestions?
--
matt
And what kind of magic do you have that allows you to inspect traffic
that is encrypted? ;)
Stefan
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
