ScreenOS Firewalls (NOT SRX)
Contributor
ITSupport
Posts: 12
Registered: ‎11-10-2009

IP spoofing since I installed new ISP on DMZ interface.

I configured our NS5GT for a new ISP on the DMZ interface. The DMZ interface is in route mode and the ADSL modem is set up in bridge mode. I have got policies to allow traffic from:

Trust to DMZ and vice versa

Untrust to DMZ and vice versa

Since I configured it, I have been receiving lots of IP spoofing alerts, and they are different IPs to different ports on our public IP.

I have tried to turn on screening for the DMZ zone and most of the features are enabled. It is still causing issues.

Can someone please help me with that?

 

Regards

IT Support

Super Contributor
Cesar
Posts: 141
Registered: ‎11-18-2008

Re: IP spoofing since I installed new ISP on DMZ interface.

Disable IP spoofing on the DMZ zone via "unset zone untrust screen ip-spoofing"

If you still have the messages, provide the exact event entry and "get zone DMZ screen"

Contributor
ITSupport
Posts: 12
Registered: ‎11-10-2009

Re: IP spoofing since I installed new ISP on DMZ interface.

Hi Cesar,

 

Is disabling IP spoofing the only solution?

I don't want to disable IP spoofing protection at all.

 

Please suggest.

 

Cheers !

Super Contributor
arizvi
Posts: 287
Registered: ‎10-21-2008

Re: IP spoofing since I installed new ISP on DMZ interface.

Hi,

 

Please follow the KB, which explains IP spoofing and how to diagnose IP spoofing:

http://kb.juniper.net/KB6185

 

Thanks

Atif

Contributor
ITSupport
Posts: 12
Registered: ‎11-10-2009

Re: IP spoofing since I installed new ISP on DMZ interface.

Thanks Atif...

 

I had a look at it. It is not very useful, but it helped me understand my issue.

 

Cheers !
