Hi All,
First of all, thank you for taking the time to read this post. I have an SRX220H which is running the 12.1X46-D40.2 release.
After an accidental reboot of the SRX, it seemed to be working fine and the machine came back without issues. However, later on it started to give me some issues...
To start off with the main issue:
It seems that the firewall is occasionally letting traffic pass through to the Internet (Untrusted zone), but mainly it refuses access from a random device, located in the trust zone, to the untrust zone. However, when pinging from the SRX to, for example, 8.8.8.8, it seems to be working fine. When looking at the zones and policies, they all seem to be in order (they haven't changed prior to the reboot). When looking at the output of the "show security flow session", it seems not to hit the firewall while I clearly see it leaving the device (for example Directly connected).
Troubleshooting steps taken so far:
- configuration checks
- NAT translation checks
- security policy checks
- load factory-defaults
- zeroized the SRX
- reinstalled 12.1X46-D40.2
Also, the SRX seems not to ping/ssh to devices (even with source set) which are located in the trust zone and ARE pingable / ssh-able from other devices within the trust zone.
By now, I'm a bit at the point of kicking it out and buying a simple router. I hope someone could give me a pointer. Attached is my config file.
Thank you in advance!!
Greetings!
Dan