SRX

 View Only
last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  HTTP/HTTPS Access

    Posted 12-06-2013 08:26

    I've followed the example of enabling http/https access on an interface on this page:  http://kb.juniper.net/InfoCenter/index?page=content&id=KB16647 but http access still doesn't work for the interface.  Any ideas if I'm missing anything?  

     

    Config below:

     

    Interface - 

    ge-0/0/6.0 up up inet 192.168.15.3/24

    Configuration - 

    services {
    ssh;
    telnet;
    xnm-clear-text;
    web-management {
    http {
    interface [ vlan.0 ge-0/0/6.0 ];
    }
    https {
    system-generated-certificate;
    interface [ vlan.0 ge-0/0/6.0 ];
    }

     

    When I try http://192.168.15.3 or https://192.168.15.3 I get 

    Access Error: 401 -- Unauthorized

    Interface is not authorized for HTTP access

     

    Any guidance in the right direction would be appreciated.

     

     

     


    #SRX240H
    #httpaccess
    #httpsaccess


  • 2.  RE: HTTP/HTTPS Access
    Best Answer

    Posted 12-06-2013 09:45

    user@host# show security zones security-zone <zone>| display set 
    set security zones security-zone <zone> host-inbound-traffic system-services all
    set security zones security-zone <zone> host-inbound-traffic protocols all
    set security zones security-zone <zone> interfaces vlan.0

     

    Whatever <zone> you have both interfaces in, verify that https and http is allowed if not allowing all.



  • 3.  RE: HTTP/HTTPS Access

    Posted 12-07-2013 04:15

    The interface I wanted to allow https access from is in the untrust zone and I didn't want to allow https access from every untrust interface (including the internet) - so like you said, I just enabled https access on the specific tunnel interface itself and it worked!

     

    Thanks for your guidance.