Hi, all,
Say I have one uplink connection to service providers, I want to implement a input filter on the interfaces to reject all BGP connections except for configured peers, so I have the following configuration:
set policy-options prefix-list isp-peer apply-path "protocols bgp group <*> neighbor <*>"
set firewall family inet filter allow_access_ in term bgp from source-prefix-list isp-peer except
set firewall family inet filter allow_access_in term bgp from port bgp
set firewall family inet filter allow_access_in term bgp then reject
But the above filter term is not taking effect, what could be wrong?
John
------------------------------
John Gerro
------------------------------