Management
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
xamalon4eg
Visitor
xamalon4eg
Posts: 3
Registered: ‎11-02-2011
0

M120 Nat implementation. TCP connections drop

Options

‎01-26-2012 03:29 AM



So i`ve made a config in attach

 


So all this conf was made to allow internet acces from 10.x network with 10.0.1.1 dns servers.

It works great only with ping or dns requests. But all TCP connetcions drops and I can`t figure out why. Test PC can`not acces internet from 10.x network (

 

What is wrong???

Attachment 12.txt ‏4 KB
Message 1 of 2 (293 Views)
 
Reply
xamalon4eg
Visitor
xamalon4eg
Posts: 3
Registered: ‎11-02-2011
0

Re: M120 Nat implementation. TCP connections drop

Options

‎01-29-2012 10:41 PM

so i`ve added another part of conf and it worked. but i can`t anderstand why. 

stateful-firewall {
rule allow_tcp {
match-direction input-output;
term 1 {
from {
applications [ junos-http junos-dns-udp junos-telnet junos-dns-tcp junos-ip junos-smtp junos-traceroute junos-pptp junos-ntalk junos-pop3 ICQ ];
}
then {
accept;
}
 }
}

 

why should i add such a rule& why can`t i just add a rule such as: from destination-address Any unicast?

 

anyone can help me out??? 

 

 

Message 2 of 2 (268 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.