SRX Next-Gen Firewalls

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Firewall Filter Not Working

  • 1.  Firewall Filter Not Working

    This message was posted by a user wishing to remain anonymous
    Posted 10 days ago
    This message was posted by a user wishing to remain anonymous

    Hi guys,

    I have done almost the exact same thing as this on an EX switch, with the only difference being that the family is bridge on this SRX.
    However, on the SRX it just doesn't work, none of the MACs under source-mac-address can talk to the ge-0/0/2 port, whereas the exact same thing in an EX does the trick.

    Is there anything special about the SRX that would prevent this from working?

     ge-0/0/2 {
    enable;
    unit 0 {
    family bridge {
    filter {
    output thefilter;
    }
    interface-mode access;
    vlan-id 5;
    }
    }
    }


    firewall {
    family bridge {
    filter thefilter {
    interface-specific;
    term block {
    from {
    source-mac-address {
    mac1;
    mac2;
    }
    }
    then accept;
    }
    }
    }
    }