SRX

 View Only
last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Srx 650 telnet port

    Posted 12-26-2018 23:40

    Dear juniper guys.

     

    On my previous post i had some problems with the public ip forward ports, it's solved. I have manage to open couple of ports of just one ip.

    But , there is always but...

     

    Seems even if i have open the ports i can telnet them through the internal network of the juniper but not to outside network.

     

    For example .

     

    If i telnet 45.45.45.45 "public ip" with port 3389 or 135 which are perfectly bound to public ip and telneted to internal network shows open.

     

    If i telnet those ports from outside network , they are closed.

     

    Probably it's some small issues , i can't find any salution to it.

     

    Any help will be appreciate , with that.



  • 2.  RE: Srx 650 telnet port
    Best Answer

    Posted 12-27-2018 03:07

    Rules for both nat and security policy are written specifying the ingress and egress zones.  The connections from internal interfaces and from outside the network are likely going to hit at least different security policies if not also different nat rules.

     

    This chart shows where the packet processing occurs.  The zone selection for traffic takes place before source nat and after destination nat occurs to match configured rules.

    SRXpacketFlow.gif

     

    This kb article shows how to determine what a flow is doing during processing.

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB16110