SRX Services Gateway
Reply
Contributor
DanSmart
Posts: 109
Registered: ‎01-21-2008

Zscaler Webfilter with SRX

We are evaluating using Zscaler for Web content filtering.  They sent me a recipe to run GRE tunnels to their filter sites and policy routing to push 80 and 443 traffic to them.  They don't seem to have a recipe for SRX/JUNOS.  Dooes anyone have a config for GRE tunneling and PBR for JUNOS?

 

-=Dan=-

-=Dan=-
Juniper Employee
aditis
Posts: 12
Registered: ‎02-03-2010
Trusted Contributor
bwoodberg
Posts: 24
Registered: ‎11-16-2010

Re: Zscaler Webfilter with SRX

I don't have a cooked recipe, but configuring GRE:

 

http://kb.juniper.net/InfoCenter/index?page=content&id=KB12769

 

Configuring Filter Based Forwarding:

 

http://www.juniper.net/techpubs/software/junos/junos71/swconfig71-policy/html/firewall-config33.html

 

I would put the GRE interface in a separate VR which has the route pointed to it for the zScaler.

 

Note that GRE isn't supported until 11.2 on the high end, but is already supported on the Branch SRX.

Contributor
DanSmart
Posts: 109
Registered: ‎01-21-2008
0

Re: Zscaler Webfilter with SRX

We are going to use a SRX 240 as this is at a small plant facility in Mexico for the pilot.  I was planning on using 10.4 as that's where I understand alot of energy is flowing....

 

-=Dan=-

-=Dan=-
Trusted Contributor
bwoodberg
Posts: 24
Registered: ‎11-16-2010
0

Re: Zscaler Webfilter with SRX

Should be fine.  10.4 is an EEOL release, and the 10.4r4 code is recommended.  Juniper is putting a lot more effort into stability, but especialy for our EEOL releases.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.