Hi @Ulf
My EX4650 using junos version21.4R3-S3.4. Currently JTAC test in their lab with same config with for firewall filter but they cannot get same behaviour like me. The junos version on JTAC lab was 21.4R3-S2 . I'm waiting JTAC to upgrade their junos version same like me and they will retest again,
Thanks
Original Message:
Sent: 07-20-2023 04:48
From: Ulf
Subject: Is it normal we can see ssh attempt in log message on EX4650 even it already do protect-re?
Hi,
I'm not aware of design difference that would lead to this, so:
- Can you please share the SW version used?
- Are you using the exact same protect-RE firewall filter on EX than on the MX you're comparing with?
- Do you have (or can add) count or even log actions to the fwf terms to see if the firewall filter is matching at all / which terms?
- Can you remove one address from the allowed (internal) prefixes and test whether that allows you to reproduce the issue?
Regards
Ulf
Original Message:
Sent: 07-19-2023 11:20
From: kronicklez
Subject: Is it normal we can see ssh attempt in log message on EX4650 even it already do protect-re?
Hi all,
Is anyone here can verify in your existing EX switch whether it's normal we still can see ssh log attempt in log messages even we already do some protect-RE that allow certain prefix that can ssh only and apply on loopback interface? Because i compare in MX series it should not see SSH attempt in the log message if we already apply protect-RE in loopback interface.
Thanks and appreciate any feedback to make sure it not issue and it as per design on EX series.