11-01-2011 10:42 AM
I am using SRX240 for a trial. The box is only going to be used as a ADSL router. I want to secure the box from the outside world. I have attached my config for that box and was wondering what else should i change or add on the box to stop any rogue access into the box.
11-01-2011 11:08 AM
Other than that, your box seems pretty much closed down, no access should be possible from outside/untrust.
11-02-2011 04:07 AM
Neither tftp or dhcp should be necessary on the WAN interface unless you have a very customized setup running. Both are server services and are not required for the device to acquire an address via DHCP.
11-03-2011 09:28 AM - edited 11-03-2011 09:29 AM
If you want to have external access to mgmt, you should create firewall filter and then attach it to yours lo0