Hi all!
Have a question about Juniper SRX security flow. One host in his zone initiates a connection, and I see a real-time security flow session. I see an active connection RT_FLOW (RT_FLOW_SESSION_CREATE_LS), but the user is not receiving ICMP replies from the end host. The solution turned out to be simple. From the side of the SRX, the user's network was not announced to the OSPF area 0.
But it doesn't come out clearly.
Exploring security flow SRX, or security log, how to understand that the security session has been established and the transmission of TCP traffic is possible?
Learn security flow traceoptions ?
Then what indicators in it testify to this.