Routing

Expand all | Collapse all

firewall filter behaviour

Jump to Best Answer
  • 1.  firewall filter behaviour

    Posted 11-28-2018 05:28

    Hi All,

     

    Lets say I have an interface:

    ae2.432

    with 2 IP address

    set interfaces ae2 unit 432 family inet address 1.1.1.1/24
    set interfaces ae2 unit 432 family inet address 2.2.2.2/24
    set interfaces ae2 unit 432 family inet filter output Output-Filter

    The filter is for the time being rejecting-all.
    Question: is the communication allow between 1.1.1.0/24 and 2.2.2.0/24?
    e.g. can a server says the 1.1.1.4 open an ssh connection to 2.2.2.4 or the filter will reject the request?

    thanks.



  • 2.  RE: firewall filter behaviour
    Best Answer

    Posted 11-28-2018 17:34

    My understanding is that it will be blocked as it is treated as transit traffic. 



  • 3.  RE: firewall filter behaviour

    Posted 11-29-2018 02:15

    right, filter must be extended to allow the traffic in both directions