After a hard reboot its not passing but here is what I have
!
!
root@SRX1> ...ation security zones security-zone untrust
host-inbound-traffic {
system-services {
all;
}
protocols {
ospf;
}
}
interfaces {
ge-0/0/0.0 {
host-inbound-traffic {
system-services {
ping;
}
}
}
}
root@SRX1> show configuration security zones security-zone wan-zone
host-inbound-traffic {
protocols {
ospf;
}
}
interfaces {
ge-0/0/3.0 {
host-inbound-traffic {
system-services {
ping;
}
}
}
}
!
root@SRX1> ...rity policies from-zone wan-zone to-zone untrust
policy 2 {
match {
source-address any;
destination-address any;
application [ junos-gre gre-custom ];
}
then {
deny;
count;
}
}
policy 1 {
match {
source-address any;
destination-address any;
application junos-ping;
}
then {
permit;
}
}
!
!
!
root@SRX1> ...from-zone wan-zone to-zone untrust policy-name 2 detail
Policy: 2, action-type: deny, State: enabled, Index: 6, Scope Policy: 0
Policy Type: Configured
Sequence number: 1
From zone: wan-zone, To zone: untrust
Source addresses:
any-ipv4(global): 0.0.0.0/0
any-ipv6(global): ::/0
Destination addresses:
any-ipv4(global): 0.0.0.0/0
any-ipv6(global): ::/0
Application: junos-gre
IP protocol: 47, ALG: 0, Inactivity timeout: 0
Source port range: [0-0]
Destination port range: [0-0]
Application: gre-custom
IP protocol: gre, ALG: 0, Inactivity timeout: 0
Source port range: [0-0]
Destination port range: [0-0]
Per policy TCP Options: SYN check: No, SEQ check: No
Policy statistics:
Input bytes : 30924 72 bps
Initial direction: 30924 72 bps
Reply direction : 0 0 bps
Output bytes : 0 0 bps
Initial direction: 0 0 bps
Reply direction : 0 0 bps
Input packets : 295 0 pps
Initial direction: 295 0 bps
Reply direction : 0 0 bps
Output packets : 0 0 pps
Initial direction: 0 0 bps
Reply direction : 0 0 bps
Session rate : 0 0 sps
Active sessions : 0
Session deletions : 0
Policy lookups : 295