That you so much for your help. I spent some time making sure everything was working correctly and it is.
I have begun setting up IDP. The attack objects and policy templates are installed. Here is the security policy:
--- JUNOS 12.1X44-D20.3 built 2013-07-19 03:52:31 UTC
from-zone Internet to-zone Internal {
policy policy_in_wizard_dyn_vpn {
match {
source-address any;
destination-address any;
application any;
}
then {
permit {
tunnel {
ipsec-vpn wizard_dyn_vpn;
}
application-services {
idp;
}
}
log {
session-close;
}
}
}
}
@JuniperSRX>
My hope is that the incoming traffic from the internet can have the vpn and the idp working on the same security policy. Is this ok or I am missing traffic?
I am using the default template called "Recommended" and it is active.
JuniperSRX> show security idp status
State of IDP: Default, Up since: 2015-05-31 18:34:20 EDT (6d 06:58 ago)
Packets/second: 1 Peak: 559 @ 2015-06-06 22:54:20 EDT
KBits/second : 1 Peak: 265 @ 2015-06-06 22:50:35 EDT
Latency (microseconds): [min: 0] [max: 0] [avg: 0]
Packet Statistics:
[ICMP: 0] [TCP: 2359] [UDP: 85] [Other: 0]
Flow Statistics:
ICMP: [Current: 0] [Max: 0 @ 2015-06-06 20:27:16 EDT]
TCP: [Current: 0] [Max: 36 @ 2015-06-06 22:47:22 EDT]
UDP: [Current: 0] [Max: 10 @ 2015-06-06 22:44:37 EDT]
Other: [Current: 0] [Max: 0 @ 2015-06-06 20:27:16 EDT]
Session Statistics:
[ICMP: 0] [TCP: 0] [UDP: 0] [Other: 0]
Policy Name : Recommended
Running Detector Version : 12.6.160140822
JuniperSRX>
I don't understand why I am not catching anything. Maybe I should make another Internet to Internal policy just for IDP?
Also, I need to block a range of ip addresses and I am not sure how to do that. I was trying the address book as an option then a firewall setting. The range is 183.0.0.0 - 183.63.255.255 and 180.152.0.0 - 180.159.255.255.
Thank you spuluka !!