SRX

 View Only
last person joined: 5 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  enhanced Web Filtering with a scheduler

    Posted 01-27-2020 22:28

    Hello Guys,

     

    I need your help.

    I have made enhanced Web Filtering with a scheduler for access but it does not work, what configuration I have missed.

    thanks.

     

    The following configuration that I made

     

    root@SRX# show schedulers
    scheduler ScheduleWebFilter {
    start-date 2020-01-27.00:00 stop-date 2020-12-31.00:00;
    sunday exclude;
    monday {
    start-time 08:00:00 stop-time 17:00:00;
    }
    tuesday {
    start-time 08:00:00 stop-time 17:00:00;
    }
    wednesday {
    start-time 08:00:00 stop-time 17:00:00;
    }
    thursday {
    start-time 08:00:00 stop-time 17:00:00;
    }
    friday {
    start-time 08:00:00 stop-time 17:00:00;
    }
    saturday exclude;
    }
    scheduler ScheduleAllDay {
    start-date 2020-01-28.00:00 stop-date 2021-01-31.00:00;
    sunday all-day;
    monday all-day;
    tuesday all-day;
    wednesday all-day;
    thursday all-day;
    friday all-day;
    saturday all-day;
    }

    from-zone trust to-zone untrust {
    policy trust-to-untrust {
    match {
    source-address any;
    destination-address any;
    application any;
    }
    then {
    permit {
    application-services {
    utm-policy UTM-XX;
    }
    }
    log {
    session-close;
    }
    count;
    }
    scheduler-name ScheduleWebFilter;
    }
    policy trust-to-untrust-nowf {
    match {
    source-address any;
    destination-address any;
    application any;
    }
    then {
    permit {
    application-services {
    utm-policy UTM-XX-No-WF;
    }
    }
    log {
    session-close;
    }
    count;
    }
    }
    }



  • 2.  RE: enhanced Web Filtering with a scheduler
    Best Answer

    Posted 01-28-2020 06:24

    Hi!

     

    On initial look, quick look and feel is... it looks fine I think. it's a little messy and not efficent but fundermentally it's there from what you provided.

    Set it to the like the below but with sunday and saturday to exclude.

    scheduler sche3 {
    start-date 2006-11-02.12:12 stop-date 2007-11-02.12:11;
    daily {
        start-time 10:00 stop-time 17:00
    }
    sunday {
        start-time 12:00 stop-time 14:00;
        start-time 16:00 stop-time 17:00;
    }
    monday {
        all-day;
    }
    friday {
        exclude;
    }
}


    This makes it a lot easier to visualise and troubleshoot.

     

    Also is the date and time set accordingly on the box?

    KR
    Adam



  • 3.  RE: enhanced Web Filtering with a scheduler

    Posted 01-28-2020 18:17

    how do you enable this scheduling?


    #WF


  • 4.  RE: enhanced Web Filtering with a scheduler

    Posted 01-29-2020 04:45

    You need to tie it to the interfaces and security policies 🙂

    KR
    Adam 



  • 5.  RE: enhanced Web Filtering with a scheduler

     
    Posted 02-19-2020 12:46

    Apologies on the delay @tech_mvt,  I was tied up.

     

    Are you all set here now?

     

    Cheers

    Pooja



  • 6.  RE: enhanced Web Filtering with a scheduler

     
    Posted 01-28-2020 08:24

    Hi there,

     

    Can you confirm if that policy is being hit in the first place?

     

    {primary:node0}
    jtac@TTCFW01> show security policies hit-count from-zone trust to-zone untrust

     

    Cheers

    Pooja

    Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!