Junos OS

Expand all | Collapse all

Create custom application for SRX

Jump to Best Answer
  • 1.  Create custom application for SRX

    Posted 05-06-2016 11:05

    Hello,

     

          Can someone tell me to how I can create custom application for a service (HTTPS) but it is actually running on a different port than 443?  We need a application for HTTPS on ports 8080,8082 and a slew of others. I see there is the application "junos-https", destination port 443, already pre-defined. If I wanted to create a custom application for port https but is on port 8080, would I do the following:

     

    application <my name>

           protocol type tcp

           destination-port 8080

     

    We have security policies between zones that allow https but on a different port than 443. Lastly, since the system has pre-defined applications, is there a way to store my custom applications.



  • 2.  RE: Create custom application for SRX
    Best Answer

    Posted 05-06-2016 16:37

    Hi TDNY,

     

    I think this is what you are looking for ( I named the application https-8080 ) :

     

     

    application https-8080 {
    application-protocol https;
    destination-port 8080;
    }

     

    If you apply it to the command line and commit, it will be saved :

     

    set applications application https-8080 application-protocol https

    set applications application https-8080 destination-port 8080



  • 3.  RE: Create custom application for SRX

    Posted 05-09-2016 11:49

    Thanks Hisham,

     

          That does work but what if I have an application used for automated deployment (IBM udeploy), it is TCP and runs on port 7918. How would I define this if it is not a known common port number? Or could I do this:

     

    application udeploy

           protocol tcp

           destination-port 7918

     

    Will this work? Thanks!

     

     



  • 4.  RE: Create custom application for SRX

    Posted 05-09-2016 17:20

    Hi TDNY,

     

    Yes it works the way you did it. Basically, if the service/application is a standard defined one using a non-standard port you can inherit the configuration of the standard service/application already defined in Junos using the "application-protocol" stanza and modify the parameters that are different.

     

    If it is a totally new/non-standard application protocol that isn't defined in Junos you can simply use the "protocol stanza" and set it to tcp or udp ( depending on which it uses ) and set its destination port, this is as simple as it gets; but you can also tie down other parameters depending on your understanding of the protocol. This is how it should be ( you missed out the parentheses) :

     

    application udeploy{

           protocol tcp

           destination-port 7918

    }

     

    or :

     

    set applications application udeploy protocol tcp

    set applications application udeploy destination-port 7918

     

     

     



  • 5.  RE: Create custom application for SRX

    Posted 07-25-2019 04:47

    HI elkadiki 

     

    You have elaborate the said issue with very simple manner I want some more clarification in this regard I want to add more than one customized ports against one object is there any way-out . Like 

             application udeploy

                                               {

                                                  protocol tcp destination-port 7918, 8080, 8014, 8881

                                               }

     

    If so please share your feedback as soon as possible, It would be appreciated. 

     

    Regards, 

     

    Muhammad Tanveer