Hi everyone,
Please help me with this problem; it is driving me crazy. Here is my configuration:
- Create application and application-set
set applications application AD-CLT-DC-UDP-DOMAIN protocol udp
set applications application AD-CLT-DC-UDP-DOMAIN destination-port domain
set applications application-set AD-CLT-DC-UDP application AD-CLT-DC-UDP-DOMAIN
- Create global address book, including addresses and address-sets
set security address-book global address BR-GR-WTD-01 10.130.72.0/22
set security address-book global address-set BR-GR-WTD address BR-GR-WTD-01
set security address-book global address HQ-GR-DC-01 10.0.36.0/24
set security address-book global address HQ-GR-DC-02 10.4.36.0/24
set security address-book global address-set HQ-GR-DC address HQ-GR-DC-01
set security address-book global address-set HQ-GR-DC address HQ-GR-DC-02
- Create security policies
set security policies from-zone trust to-zone untrust policy AD-CLT-DC-UDP match source-address BR-GR-WTD
set security policies from-zone trust to-zone untrust policy AD-CLT-DC-UDP match destination-address HQ-GR-DC
set security policies from-zone trust to-zone untrust policy AD-CLT-DC-UDP match application AD-CLT-DC-UDP
set security policies from-zone trust to-zone untrust policy AD-CLT-DC-UDP then permit
set security policies from-zone trust to-zone untrust policy AD-CLT-DC-UDP then log session-close
set security policies from-zone untrust to-zone trust policy PermitAll match source-address any
set security policies from-zone untrust to-zone trust policy PermitAll match destination-address any
set security policies from-zone untrust to-zone trust policy PermitAll match application any
set security policies from-zone untrust to-zone trust policy PermitAll then permit
set security policies from-zone untrust to-zone trust policy PermitAll then log session-close
- Here is the log file
Apr 11 01:44:06 R903-PGD-ThaoDien RT_FLOW: RT_FLOW_SESSION_CLOSE: session closed unset: 10.143.72.70/49857->10.0.36.34/53 junos-dns-udp 10.143.72.70/49857->10.0.36.34/53 None None 17 PermitAll trust untrust 19134 2(144) 1(83) 11 UNKNOWN UNKNOWN N/A(N/A) vlan.0
Apr 11 01:44:06 R903-PGD-ThaoDien RT_FLOW: RT_FLOW_SESSION_CLOSE: session closed unset: 10.143.72.75/52918->10.4.36.31/53 junos-dns-udp 10.143.72.75/52918->10.4.36.31/53 None None 17 PermitAll trust untrust 19123 2(144) 1(94) 10 UNKNOWN UNKNOWN N/A(N/A) vlan.0
Apr 11 01:44:06 R903-PGD-ThaoDien RT_FLOW: RT_FLOW_SESSION_CLOSE: session closed unset: 10.143.72.75/52918->10.4.36.32/53 junos-dns-udp 10.143.72.75/52918->10.4.36.32/53 None None 17 PermitAll trust untrust 19125 2(144) 1(83) 9 UNKNOWN UNKNOWN N/A(N/A) vlan.0
Apr 11 01:44:08 R903-PGD-ThaoDien RT_FLOW: RT_FLOW_SESSION_CLOSE: session closed unset: 10.143.72.70/49857->10.4.36.33/53 junos-dns-udp 10.143.72.70/49857->10.4.36.33/53 None None 17 PermitAll trust untrust 19113 2(144) 1(83) 13 UNKNOWN UNKNOWN N/A(N/A) vlan.0
That's my problem. I don't understand why the first policy is not matched. Can anyone give me any ideas?
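
An added diagnostic example, not part of the original post: it loads the address-book entries from the configuration above and checks each logged flow against the match criteria of policy AD-CLT-DC-UDP, one criterion at a time. The function names are hypothetical, and the application is assumed to mean protocol 17 (udp) with destination port 53 (domain).

```python
import ipaddress
import re

# Address-book lines and two log lines copied from the post above.
CONFIG = """\
set security address-book global address BR-GR-WTD-01 10.130.72.0/22
set security address-book global address-set BR-GR-WTD address BR-GR-WTD-01
set security address-book global address HQ-GR-DC-01 10.0.36.0/24
set security address-book global address HQ-GR-DC-02 10.4.36.0/24
set security address-book global address-set HQ-GR-DC address HQ-GR-DC-01
set security address-book global address-set HQ-GR-DC address HQ-GR-DC-02
"""
LOGS = [
    "Apr 11 01:44:06 R903-PGD-ThaoDien RT_FLOW: RT_FLOW_SESSION_CLOSE: session closed unset: 10.143.72.70/49857->10.0.36.34/53 junos-dns-udp 10.143.72.70/49857->10.0.36.34/53 None None 17 PermitAll trust untrust 19134 2(144) 1(83) 11 UNKNOWN UNKNOWN N/A(N/A) vlan.0",
    "Apr 11 01:44:06 R903-PGD-ThaoDien RT_FLOW: RT_FLOW_SESSION_CLOSE: session closed unset: 10.143.72.75/52918->10.4.36.31/53 junos-dns-udp 10.143.72.75/52918->10.4.36.31/53 None None 17 PermitAll trust untrust 19123 2(144) 1(94) 10 UNKNOWN UNKNOWN N/A(N/A) vlan.0",
]
# Fields after the flow: service, NAT flow, two NAT rule names, protocol, policy, zones.
FLOW = re.compile(
    r"session closed [^:]*: (?P<src>[\d.]+)/\d+->(?P<dst>[\d.]+)/(?P<dport>\d+) "
    r"\S+ \S+ \S+ \S+ (?P<proto>\d+) (?P<policy>\S+) (?P<from_zone>\S+) (?P<to_zone>\S+) ")

def load_address_sets(config):
    """Return {address-set name: [ip_network, ...]} from global address-book lines."""
    addrs, sets = {}, {}
    for line in config.splitlines():
        tok = line.split()
        if len(tok) < 7 or tok[:4] != ["set", "security", "address-book", "global"]:
            continue
        if tok[4] == "address":
            addrs[tok[5]] = ipaddress.ip_network(tok[6])
        elif tok[4] == "address-set" and len(tok) == 8 and tok[6] == "address":
            sets.setdefault(tok[5], []).append(tok[7])
    return {name: [addrs[m] for m in members] for name, members in sets.items()}

def explain(log_line, sets, src_set, dst_set, proto, port):
    """Evaluate one logged flow against a policy's three match criteria."""
    m = FLOW.search(log_line)
    if m is None:
        return None
    src, dst = ipaddress.ip_address(m["src"]), ipaddress.ip_address(m["dst"])
    return {
        "matched_policy": m["policy"],
        "zones": (m["from_zone"], m["to_zone"]),
        "source": any(src in net for net in sets[src_set]),
        "destination": any(dst in net for net in sets[dst_set]),
        "application": (int(m["proto"]), int(m["dport"])) == (proto, port),
    }

if __name__ == "__main__":
    for entry in LOGS:
        print(explain(entry, load_address_sets(CONFIG), "BR-GR-WTD", "HQ-GR-DC", 17, 53))
```

For both sample lines the destination and application criteria evaluate true and the source criterion evaluates false, because the logged 10.143.72.x sources lie outside 10.130.72.0/22.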