SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  block web browsing using SRX 100

    Posted 11-11-2017 10:52

    Good day

    I would like to know how to completely block web browsing using the SRX100 device.

    This in order to use the internet network for ip telephony.

    Summary, I want to block web browsing and use the internet for ip telephony.

    I hope you can help me,

    regards



  • 2.  RE: block web browsing using SRX 100

    Posted 11-11-2017 21:41
    In firewall rulebase, you may allow the ports required for ip telephony in initial rules.

    Subsequently, you may deny applications of web (junos-http and junos-https) in the rulebase to achieve the objective.

    For simpler config, you may want to use web ui for rule base configuration..


  • 3.  RE: block web browsing using SRX 100
    Best Answer

    Posted 11-13-2017 15:29

    Hi good day
    I was very helpful with your answer, but I am new and I do not know in which part of the web interface to configure the rules you mention.

    Would you please tell me how to do it step by step?



  • 4.  RE: block web browsing using SRX 100

    Posted 11-13-2017 15:45

    From your VOIP vendor website or contact, get a list of required communication protocols/ports and ip addresses.

     

    In the SRX web interface go to

    Security > Security Policy

     

    Change the zones from trust to untrust

    Select and edit the existing allow all outbound rule to use the list of protocols/ports and ip addresses from your vendor instead.

     

    Save these changes and on the top menu choose:

    actiions > commit

     

    Now the only traffic outbound permitted is what is needed by the VOIP system no other communications will work.