Junos
Highlighted
Junos

Create custom application for SRX

‎05-06-2016 11:05 AM

Hello,

 

      Can someone tell me to how I can create custom application for a service (HTTPS) but it is actually running on a different port than 443?  We need a application for HTTPS on ports 8080,8082 and a slew of others. I see there is the application "junos-https", destination port 443, already pre-defined. If I wanted to create a custom application for port https but is on port 8080, would I do the following:

 

application <my name>

       protocol type tcp

       destination-port 8080

 

We have security policies between zones that allow https but on a different port than 443. Lastly, since the system has pre-defined applications, is there a way to store my custom applications.

4 REPLIES 4
Highlighted
Junos
Solution
Accepted by topic author TDNY
‎05-09-2016 11:49 AM

Re: Create custom application for SRX

[ Edited ]
‎05-06-2016 04:36 PM

Hi TDNY,

 

I think this is what you are looking for ( I named the application https-8080 ) :

 

 

application https-8080 {
application-protocol https;
destination-port 8080;
}

 

If you apply it to the command line and commit, it will be saved :

 

set applications application https-8080 application-protocol https

set applications application https-8080 destination-port 8080

Thanks,
Hisham

Please accept my comment as a solution, if it helped in resolving your issue, to help guide other commentators and encourage others.
Highlighted
Junos

Re: Create custom application for SRX

‎05-09-2016 11:49 AM

Thanks Hisham,

 

      That does work but what if I have an application used for automated deployment (IBM udeploy), it is TCP and runs on port 7918. How would I define this if it is not a known common port number? Or could I do this:

 

application udeploy

       protocol tcp

       destination-port 7918

 

Will this work? Thanks!

 

 

Highlighted
Junos

Re: Create custom application for SRX

‎05-09-2016 05:19 PM

Hi TDNY,

 

Yes it works the way you did it. Basically, if the service/application is a standard defined one using a non-standard port you can inherit the configuration of the standard service/application already defined in Junos using the "application-protocol" stanza and modify the parameters that are different.

 

If it is a totally new/non-standard application protocol that isn't defined in Junos you can simply use the "protocol stanza" and set it to tcp or udp ( depending on which it uses ) and set its destination port, this is as simple as it gets; but you can also tie down other parameters depending on your understanding of the protocol. This is how it should be ( you missed out the parentheses) :

 

application udeploy{

       protocol tcp

       destination-port 7918

}

 

or :

 

set applications application udeploy protocol tcp

set applications application udeploy destination-port 7918

 

 

 

Thanks,
Hisham

Please accept my comment as a solution, if it helped in resolving your issue, to help guide other commentators and encourage others.
Highlighted
Junos

Re: Create custom application for SRX

[ Edited ]
‎07-25-2019 04:47 AM

HI elkadiki 

 

You have elaborate the said issue with very simple manner I want some more clarification in this regard I want to add more than one customized ports against one object is there any way-out . Like 

         application udeploy

                                           {

                                              protocol tcp destination-port 7918, 8080, 8014, 8881

                                           }

 

If so please share your feedback as soon as possible, It would be appreciated. 

 

Regards, 

 

Muhammad Tanveer

Feedback