ScreenOS Firewalls (NOT SRX)
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
JBM
Visitor
JBM
Posts: 5
Registered: ‎05-13-2009
0

Convert Router Junos firewall filters to ScreenOS policies

Options

‎05-13-2009 02:30 AM

Hi,

 

I'm new in Juniper products, and I new to replicate a M10i router firewall filter configuration to a Netscreen firewall policies.

Is there any way to do it? Or should I configure by hand each filter?

 

Thanks in advance,

Javier

Message 1 of 8 (15,704 Views)
 
Reply
Distinguished Expert
Distinguished Expert
Screenie
Posts: 945
Registered: ‎01-10-2008
0

Re: Convert Router Junos firewall filters to ScreenOS policies

Options

‎05-13-2009 07:44 AM

I'm afraid It has to be done manualy. Of course you could do some scripting if you have many rules.
best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Message 2 of 8 (15,686 Views)
 
Reply
JBM
Visitor
JBM
Posts: 5
Registered: ‎05-13-2009
0

Re: Convert Router Junos firewall filters to ScreenOS policies

Options

‎05-14-2009 01:18 AM

Thanks Screenie,

 

I suposed that I should do it by hand.. but there are more than 30k lines of firewall filter configuration :smileysad:

I only have a config file, do you know if is there any way to convert it to html o something easier to read?

 

Best regards

Message 3 of 8 (15,667 Views)
 
Reply
Distinguished Expert
Distinguished Expert
Screenie
Posts: 945
Registered: ‎01-10-2008
0

Re: Convert Router Junos firewall filters to ScreenOS policies

Options

‎05-14-2009 01:40 AM

ScreenOS config to HTML you mean? There's a tool for this http://ns2html.sourceforge.net/  it's creating HTML documentation on your ScreenOS config. Nice tool, gives an overview of your policies.
best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Message 4 of 8 (15,665 Views)
 
Reply
JBM
Visitor
JBM
Posts: 5
Registered: ‎05-13-2009
0

Re: Convert Router Junos firewall filters to ScreenOS policies

Options

‎05-14-2009 02:05 AM

What I would like to convert is Junos M10i config file.

 

I've been read about ns2html, but I'd like to find a junos2html script :smileywink:

 

Thanks

Message 5 of 8 (15,660 Views)
 
Reply
Distinguished Expert
Distinguished Expert
Screenie
Posts: 945
Registered: ‎01-10-2008
0

Re: Convert Router Junos firewall filters to ScreenOS policies

Options

‎05-14-2009 02:43 AM

I'm not awre at such a script. I'd go for AWK or PERL to generate objects definition statements. But: you have to deal with zones. So maybe set criterea on network addresses for selecting the right zones?  After that more or less the same for policies. It's a hugh task I'm afraid. Buy a lot of coffee to go along with it!
best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Message 6 of 8 (15,651 Views)
 
Reply
JBM
Visitor
JBM
Posts: 5
Registered: ‎05-13-2009
0

Re: Convert Router Junos firewall filters to ScreenOS policies

Options

‎05-14-2009 03:19 AM

Thanks Screenie,

 

I think that I'm going to need something more than coffee!

 

Regards

Message 7 of 8 (15,646 Views)
 
Reply
Distinguished Expert
Distinguished Expert
Screenie
Posts: 945
Registered: ‎01-10-2008
0

Re: Convert Router Junos firewall filters to ScreenOS policies

Options

‎05-14-2009 02:09 PM

So come over here, lot's of coffeeshops in Amsterdam :smileywink:
best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Message 8 of 8 (15,632 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.