i am using srx 340 in production and have limited traffic open for internal users like pop smtp 80 and 443..
now there is app called anydesk for remote support. this is application is not working i already opened port 80 and 443 as suggested by support team of anydesk. if i creat policy with any any source and destination it start work but this is not possible to open all port for internal traffic.
now i wanted to trace what traffic hiting to srx from local traffic which is notpermitted and blocked by firewall.
You can take a look at following URL.
You have two options:
-create a final deny policy for your test workstation address and add log on session initiation to the policy. This will then log all the denied traffic from that workstation for your review.
-create an allow all policy for your test work station and put this at the bottom of your policy list and enable log on session close for this policy. It will then log all the requests from the workstation normally and you can see what it needs while verifying the service does work.
Once you know the ports and addresses called you can create the narrow policy needed for the application.