Find all the flowing inbound or outbound by command: Show services stateful-firewall flows
Using interface service you need manually allowed inbound and outbound tcp or udp package by firewall matching . Make sure the package flowing is working on this interface, otherwise you can enable "establish-tunnel immediately" on both side. Nan -----Original Message----- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Matt Stevens Sent: Wednesday, January 28, 2009 10:07 AM To: juniper-nsp@puck.nether.net Subject: [j-nsp] Firewall filter on IPSec tunnel Hello everyone. I'm trying to apply a filter to traffic that's entering a router via an IPSec tunnel. It doesn't seem like applying the filter to the services interfaces has any effect. I've thought about using the from interface condition in the filter, but I have a fair number of IPSec interfaces to apply this against which makes for a lot of individual terms. Any suggestions? -- matt _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
