On Fri, Jan 29, 2010 at 09:04:36AM +0100, Sven Juergensen (KielNET) wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi list,
>
> according to http://bit.ly/9Xn1u9 loopback
> filters on EX switches are supported since
> 9.2R1. My box is running 9.5R3.7 and conf-
> iguring something at the [edit firewall]
> context, ends me up with
Looks like "generic" firewall filters is not supported anymore,
and you have to configure them in [firewall family inet filter NNN]
hierarchy:
[edit interfaces lo0 unit 0 family inet]
+ filter {
+ input RE;
+ }
[edit]
+ firewall {
+ family inet {
+ filter RE {
[.....]
+ }
+ }
+ }
[edit]
s...@us-smf-asw04# commit check
configuration check succeeds
That's ex3200-24t, 9.3R4.4
>
> firewall {
> ##
> ## Warning: configuration block ignored: unsupported platform
> (ex4200-24f)
> ##
> filter REF {
> term snmp {
> from {
>
> Applying that to lo0 and committing bombs
> like
>
> [edit interfaces lo0 unit 0 family inet]
> 'filter'
> Referenced filter 'REF' is not defined
> [edit]
> 'interfaces'
> error parsing interfaces object
> error: configuration check-out failed
>
> Does this generally not work on the EX-series
> or just not for the -24f?
>
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
