This message was posted by a user wishing to remain anonymous
Hi guys,
I have done almost the exact same thing as this on an EX switch, with the only difference being that the family is bridge on this SRX.
However, on the SRX it just doesn't work, none of the MACs under source-mac-address can talk to the ge-0/0/2 port, whereas the exact same thing in an EX does the trick.
Is there anything special about the SRX that would prevent this from working?
ge-0/0/2 {
enable;
unit 0 {
family bridge {
filter {
output thefilter;
}
interface-mode access;
vlan-id 5;
}
}
}
firewall {
family bridge {
filter thefilter {
interface-specific;
term block {
from {
source-mac-address {
mac1;
mac2;
}
}
then accept;
}
}
}
}