Intrusion Prevention




  • 1.  Blocking external IPs from accessing router

    Posted 09-20-2010 10:27

    I work with an M10i and I'm trying to set up a blocklist of IPs that are not allowed to authenticate/login to the router. Here is the statement I've added to the firewall portion of the config:

     

     

    firewall{
    
    ...
    
        filter badnetwork {
            term 1 {
                from {
                    source-address {
                        94.102.9.0/24;
                        67.164.164.0/24;
                        210.212.150.0/24;
                        141.114.173.0/24;
                        184.106.208.8/32;
                        183.179.21.82/32;
                        216.1.26.233/32;
                    }
                }
                then {
                    reject;
                }
            }
            term 2 {
                then accept;
            }
        }
    }

     

    None of these networks are blocked, however - one of them is my home network's IP and I can still access the router from my home server with no trouble. What am I missing? I'm sure it's simple but I haven't been able to find my answer online.

     



  • 2.  RE: Blocking external IPs from accessing router
    Best Answer

    Posted 09-20-2010 19:17

    Hi,


    The logic of the Filter looks good.  Did you apply it to an Application Point?  Here is some additional info.

     

    http://www.juniper.net/techpubs/en_US/junos10.3/topics/concept/policy-firewall-filter-components.html

     

    -John



  • 3.  RE: Blocking external IPs from accessing router

    Posted 09-21-2010 09:08

    Thanks for responding, John. I had not applied it to anything yet, so I applied it to ge-0/1/0 (where our public IP space lives). This didn't do it, however; I can still get to the router from my home address. I guess I've applied it to the wrong interface...



  • 4.  RE: Blocking external IPs from accessing router

    Posted 09-21-2010 09:09

    I just added it to a different interface, the actual uplink, and it's working now. Tyvm.
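
Added example, not part of the thread or any Juniper tooling: the fix reached above was that a filter does nothing until an interface references it, and then only for traffic crossing that interface. This Python check reads a Junos configuration in curly-brace form and lists where each filter is applied, flagging filters that are defined but never referenced; the sample configuration, the 192.0.2.0/24 prefix and the function names are constructed for illustration, and it assumes one statement or brace per line, as in the config posted in the first message.

```python
import re
# Constructed sample: the thread's filter name and post 3's interface; 192.0.2.0/24 is a documentation prefix.
SAMPLE = """
firewall {
    filter badnetwork {
        term 1 {
            from {
                source-address {
                    192.0.2.0/24;
                }
            }
            then reject;
        }
        term 2 {
            then accept;
        }
    }
}
interfaces {
    ge-0/1/0 {
        unit 0 {
            family inet {
                filter {
                    input badnetwork;
                }
            }
        }
    }
}"""

def audit_filters(config_text):
    """Map each filter name to the (interface, unit, direction) points using it."""
    path, usage = [], {}
    for line in map(str.strip, config_text.splitlines()):
        if line.endswith("{"):
            path.append(line[:-1].strip())
            if path[0] == "firewall" and path[-1].startswith("filter "):
                usage.setdefault(path[-1].split()[1], [])  # defined, maybe unused
        elif line == "}" and path:
            path.pop()
        elif path[:1] == ["interfaces"] and path[-1] == "filter":
            m = re.fullmatch(r"(input|output)\s+(\S+);", line)
            if m:
                usage.setdefault(m.group(2), []).append((*path[1:3], m.group(1)))
    return usage

def unapplied(config_text):
    """Filters defined under 'firewall' that no interface references."""
    return sorted(name for name, uses in audit_filters(config_text).items() if not uses)
```

A filter that is reported as applied but still does not block, as in post 3, should be compared against the interface the traffic actually enters on.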