Is there any way to use SRX for using for only incoming packages. I don't want to return traffic to SRX. If I change defaulte route of server to directly internet SRX drop the packeges because not in session table.
SRX by default is in Flow mode where the traffic is processed based on the state and session.
SRX can also work in packet mode on the Branch Devices where the Session table is not created but changing the mode is global and in packet mode, NAT, UTM and other Security features do not work.
Hope this helps.
Thanks,PradeepPlease Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
To understand the requirement better, does the Server have a route to the internet bypassing the firewall. If it does, you can simply disable syn-seq check and that should do the job.
If the return path from Server to Internet is also routed through the firewall, you can selectively bypass the return traffic from the flow module. In this case the firewall will simply act as a router, no firewalling services.
I hope this helps. Regards,