Hi Guys
I have run into a small problem and im hoping the forum could shed some light and point me in the right direction.
I need to setup packet-mode for a particular range of public IP's
I have setup a prefix-list that refrences the public IP's
I have setup a firewall filter from source to destination(prefix-list) then packet-mode
I have then bound the filter to both interfaces. Ge-0/0/0 and Ge-0/0/3
I have attached a diagram and the config of the SRX220
Troublshooting
Once i applied the config, we could ping the servers from the internet.
Voice services were working like a dream
sho firewall command indicated the filter was being hit
Problem:
We could not connect to any TCP services on the prefic-list. But yet UDP traffic was working well.
port 80 was not responding
port 5900 - not responding
SSH - not responding
Seems like TCP was being blocked for some reason.........
Has anyone else had the same problem? am i doing something wrong
Let me know
TX CHAMPS
#flow-mode#Packet-mode