Switching

Greetings all:

I've just got in some Dell OEM'd EX4200 switches that will be set up in a virtual chassis to become my new switching core.  As I'm going through my baseline setup, one of my goals is to secure SSH and HTTPS access to the switch.  Access should only be allowed from our management networks.  On my SRX box, and pretty much everything thus far I've been able to find on the Internet about the EX4200, it's simply creating a firewall filter rule and applying it to the loopback interface and you're done.  However, when I do this, I'm receiving the following error when looking at the firewall piece of the config:

<snip>

firewall {

##

## Warning: configuration block ignored: unsupported platform (DELL J-EX4200-24T)

##

filter manager-ip {

<snip>

So I'm struggling to figure out how I accomplish this.  I'm not going to put something into production that I can't secure 🙂  Currently running Junos 10.4R5.5 on the switch, as it's the JTAC reccomended software for that platform.  Any suggestions on what to do would be most appreciated.  Thanks!

hi,

looks like firewall family inet|ethernet-switching|... is required/supported on EX. Anyway it's the preferred way to configure firewall filters.

firewall {
      family family-name {
            filter filter-name {
            [...]
            }
      [...]
      }
}

http://www.juniper.net/techpubs/en_US/junos10.4/topics/reference/configuration-statement/firewall-firewall-filter-ex-series.html

jtb

Ah, that seemed to be it... forgot to declare its family.  Oddly enough, my SRX boxes didn't care about that.  Thanks for the help!