Dear community !
I need your help to clarify the firewall fitlter on EX to a) protect the RE and B) protect management access
Contrary to M/MX/T serie, I have read some limitation on EX firewall filter on the loopack but I would love to have this answer :
1) When I configure a very basic firewall filter (discard all) on the loopback, it seems the management access is not concerned :
Firewall filter :
set firewall family inet filter ACCESS_CONTROL term 1 then discard
set interfaces lo0.0 family inet input ACCESS_CONTROL
=> OSPF, BGP, or other protocols are correcty dropped. => Good
=> management access the me or vme interface is not dropped => WHY ?
Do I have the configure a filter in all my vlan interface to discard the remote access the the switch (expect for specific subnet ?)
Thank you for your help
Salah
JNCIE-SP 2194