Dear Experts,
I am wondering if there is somebody here who can support me in this isssue a little bit?
I need to work temporarily with a dynamic public IP address.
To get the VPN tunnels up and run I modified the IKE and IPSEC configuration accordingly and this works great.
Then I have setup ddns services on the SRX 220 and it works as long I do NOT use firewall lo-filter for management access control
root@SRX220# show system services dynamic-dns
client host {
server dyndns;
agent xxx.dyndns.org;
username abd;
password "xxx"; ## SECRET-DATA
interface pp0.0;
}
Now to my question:
Which exceptions have to be set in the firewall filter settings so that the connection to dyndns (dyn.com) works correctly with the highest possible security standards?Does any of you have experience with this?[edit firewall filter lo-filter]
root@SRX220# show
term ddns {
from {
protocol [ tcp udp ];
#????source-port [ 53 80 ];
#?????destination-port [ 53 80 ];
#?????}
then accept;
}
Any help is greatly appreciated!
Thank you in advance.
Kind regards,
Steve
------------------------------
Thomas
------------------------------