SRX

 View Only
last person joined: 18 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Filter from Plain Text IP list on local web server

    Posted 01-24-2023 19:02

    I would like to have my SRX345 Pull an IP List to ban to access to my mail server for people that attempt to hack my mail accounts. I already have a solution that bans them locally and generates an IP Ban list on a web page. 

    I have a web server that has a real time plain_text page that generates all the IPs to block. When I used the config I found on another side it took it but nothing happens and am notsure if it is working at all. In Jweb I do not see what I have added to the config.  Do I have to do anything to tell what Policy and what servers to ban these IP from accessing??
    Is there a place in Jweb I can see my feed???

    Below is what I have added to my config

    security {
    dynamic-address {
    feed-server localwebserver {
    hostname 10.10.20.105;
    update-interval 3600;
    hold-interval 86400;
    feed-name web-blacklist {
    path /api/blacklist_plain_text;
    }
    }
    address-name address-blacklist {
    profile {
    feed-name web-blacklist;
    }
    }
    }



    ------------------------------
    JAY ECHOUAFNI
    ------------------------------


  • 2.  RE: Filter from Plain Text IP list on local web server

    This message was posted by a user wishing to remain anonymous
    Posted 01-25-2023 10:02
    This message was posted by a user wishing to remain anonymous

    The Juniper ATP cloud solution is designed force this type of application.  I recommend looking into this.


  • 3.  RE: Filter from Plain Text IP list on local web server

    Posted 01-25-2023 13:25
    I don't want to pay a fortune to use my own custom list. Since I generate that list from my IPban software and do not see why I would pay for a service that I am providing. can anyone tell me how o use my custom IP list from my severs. With my SRX345

    ------------------------------
    JAY ECHOUAFNI
    ------------------------------



  • 4.  RE: Filter from Plain Text IP list on local web server

    Posted 01-31-2023 10:44

    Hi Jay,

    You can check the feeds from the CLI using `show security dynamic-address summary`.

    This will list the dynamic address feeds applied on the device and a summary of the number of IP addresses that have been loaded.

    Once this is confirmed you will then use the address name 'web-blacklist', in your case, and apply this to a Security Policy that you want to specify and apply the appropriate action i.e. "deny"

    Kind Regards,
    Gavin White



    ------------------------------
    GAVIN WHITE
    ------------------------------