Correct, it should be 0/0 but also are you doing NAT anywhere? The internet won't be going to 192.168.x.x directly.
Morgan On Tue, Jul 9, 2013 at 3:56 PM, Chris Kawchuk <juniperd...@gmail.com> wrote: > And you can omit the "source-address" (i.e. it ignores the source IP now) > and it matches all source IP traffic. > > from { > destination-prefix-list { > F5Traffic-IP; > } > then { > accept; > } > > > > On 09/07/2013, at 11:22 PM, Andy Litzinger <andy.litzin...@theplatform.com> > wrote: > > > I think your source ip range netmask should be /0, not /32. I.e: > 0.0.0.0/0 > > > > > >> > >> from { > >> > >> source-address { > >> > >> 0.0.0.0/32; > >> > >> } > >> > >> destination-prefix-list { > >> > >> F5Traffic-IP; > >> > >> } > >> > >> } > >> > >> then accept; > > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > -- Thanks, Morgan _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp