Hi, Guys
I cannot test this web-redirect functionality successfully in my VSRX, I have no idea what was wrong with my config, further, no too many useful info can be seen on this topic on the internet.
BTW: I am using Junos [12.1X47-D10.4], firefly-perimeter
Topology:
host-------------------inside---SRX----outside---------------------remote host
192.168.100/24 10.10.10/24
My basic config is like:
lab@SRX-A-48# show access
profile authen-pass {
client user-1 {
firewall-user {
password "$9$n.aA6A0B1hyrv0OX7Vb2g"; ## SECRET-DATA
}
}
}
firewall-authentication {
pass-through {
default-profile authen-pass;
telnet {
banner {
login login-telnet;
success success-telnet;
}
}
}
}
[edit]
lab@SRX-A-48# show system services
ftp;
ssh;
telnet;
web-management {
http;
}
[edit]
lab@SRX-A-48# show interfaces ge-0/0/1
unit 0 {
family inet {
address 192.168.100.2/24 {
preferred;
}
address 192.168.100.100/24 {
web-authentication http;
}
}
}
[edit]
lab@SRX-A-48# show security policies
from-zone inside to-zone outside {
policy permit-all {
match {
source-address any;
destination-address any;
application any;
}
then {
permit {
firewall-authentication {
pass-through {
client-match user-1;
web-redirect;
}
}
}
}
}
}
When I try to access my remote host through http from inside zone, it always timeout without an expect results.
Thanks all in advance!
Regards