Thank you - yes, both of those issues you highlighted have created problems for us .... especially lack of "tcp established"
Paul -----Original Message----- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Emmanuel Halbwachs Sent: January-10-13 9:59 AM To: juniper-nsp@puck.nether.net Subject: Re: [j-nsp] EX Switch Question Hello, Tobias Heister (Thu 2013-01-10 14:31:40 +0100) : > We have not yet found an EX platform (tried > 2200/3200/4200/4500/8200) which supported policing on egress (using > Firewall filters and policing, never tried using QoS) I don't know for the OP needs but for shure EX4200 does not have: - syslog in firewall filters - tcp flags (e. g. established) in firewall filters in egress (physical or VLAN interface). Juniper confirmed that this is a hardware limitation. That was the reason we went MX. Cheers, -- Emmanuel Halbwachs Observatoire de Paris Resp. Réseau/Sécurité 5 Place Jules Janssen tel : +33 1 45 07 75 54 F 92195 MEUDON CEDEX véhicules : 11 av. Marcellin Berthelot _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp