Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  who can help me to analyse the session information below

    Posted 11-11-2016 02:12

     

    Total 3 sessions according filtering criteria.
id 221406/s**,vsys 0,flag 08000040/0000/0001/0000,policy 88,time 180, dip 0 module 0
 if 5(nspflag 801801):a.a.a.a/18001->c.c.c.c/3868,6,00005e000102,sess token 4,vlan 0,tun 0,vsd 0,route 133,wsf 0
 if 0(nspflag 801800):a.a.a.a/18001<-c.c.c.c/3868,6,549f350fc44c,sess token 3,vlan 0,tun 0,vsd 0,route 1,wsf 0
id 223116/s**,vsys 0,flag 08000040/0000/0001/0000,policy 88,time 180, dip 0 module 0
 if 5(nspflag 801801):b.b.b.b/18001->c.c.c.c/3868,6,00005e000102,sess token 4,vlan 0,tun 0,vsd 0,route 133,wsf 0
 if 0(nspflag 801800):b.b.b.b/18001<-c.c.c.c/3868,6,549f350fc44c,sess token 3,vlan 0,tun 0,vsd 0,route 1,wsf 0
id 254224/s**,vsys 0,flag 08000040/0000/0001/0000,policy 88,time 178, dip 0 module 0

    could this two session can tell  us does firewall receive reply from c.c.c.c , does the firewall forward packet from c.c.c.c to outgoing interface . if cannot confirm with this two session. how can i confirm those information 

     



  • 2.  RE: who can help me to analyse the session information below
    Best Answer

    Posted 11-12-2016 10:51

    The session view does not have any byte counters to tell if there is actually traffic in either direction.

     

    But if you use the web interface and go to the polices view.  Turn on logging for the policy.

     

    In the policy logs, there is a byte counter for both ingress and egress for each session that gets logged.