SRX Services Gateway

packet mode on SRX and traffic inspection.

‎05-04-2018 09:16 AM

Hi everyone

Let's say we have an SRX and, for one specific source IP and destination IP pair, we want to use packet forwarding mode. My question is: does this traffic still get inspected for malware, viruses, etc.? In other words, does using packet mode for certain traffic result in such traffic not being checked for malware/viruses, etc.?

Thanks and have a nice weekend.

 


Re: packet mode on SRX and traffic inspection.

‎05-04-2018 02:27 PM

The SRX modes, flow vs. packet, are set at the entire device level. Once you set the mode, the processes that load and how the packet handling works are different. You cannot do both packet and flow mode on the same device; you are setting one or the other.

 

The advanced inspection features you mention require the SRX be in flow mode.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Solution
Accepted by topic author sarahr202
‎05-05-2018 02:17 PM

Re: packet mode on SRX and traffic inspection.

‎05-04-2018 02:56 PM

@spuluka, You can bypass the flow daemon for select traffic using a firewall filter and do stateless packet based forwarding using "then packet-mode" action.

 

https://kb.juniper.net/InfoCenter/index?page=content&id=KB26757

 

@OP, Because you are bypassing the flow daemon, I assume that all security inspection outside of a firewall filter does not occur.
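Since a filter term with the `then packet-mode` action takes matching traffic around the flow daemon, it helps to know exactly which terms in a configuration do this and where they are applied. The following is an added example, not part of the original posts or Juniper's own tooling: a small Python audit over a configuration in Junos `set` format. The filter names, interface names and addresses in the sample are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample configuration in Junos "set" format
# (filter names are hypothetical, addresses are documentation ranges).
SAMPLE_CONFIG = """\
set firewall family inet filter BYPASS-FLOW term pair from source-address 192.0.2.10/32
set firewall family inet filter BYPASS-FLOW term pair from destination-address 198.51.100.20/32
set firewall family inet filter BYPASS-FLOW term pair then packet-mode
set firewall family inet filter BYPASS-FLOW term pair then accept
set firewall family inet filter BYPASS-FLOW term rest then accept
set firewall family inet filter MGMT term ssh from protocol tcp
set firewall family inet filter MGMT term ssh then accept
set interfaces ge-0/0/1 unit 0 family inet filter input BYPASS-FLOW
set interfaces ge-0/0/2 unit 0 family inet filter input MGMT
"""

TERM_RE = re.compile(r"^set firewall family (\S+) filter (\S+) term (\S+) (from|then) (.+)$")
BIND_RE = re.compile(r"^set interfaces (\S+) unit (\S+) family (\S+) filter (input|output) (\S+)$")

def find_packet_mode_terms(config_text):
    """Return one finding per filter term whose actions include packet-mode."""
    terms = defaultdict(lambda: {"from": [], "then": []})
    bindings = defaultdict(list)
    for line in config_text.splitlines():
        line = line.strip()
        m = TERM_RE.match(line)
        if m:
            family, filt, term, kind, rest = m.groups()
            terms[(family, filt, term)][kind].append(rest)
            continue
        m = BIND_RE.match(line)
        if m:
            ifname, unit, family, direction, filt = m.groups()
            bindings[(family, filt)].append(f"{ifname}.{unit} {direction}")
    findings = []
    for (family, filt, term), body in terms.items():
        if "packet-mode" in body["then"]:
            findings.append({
                "filter": filt, "term": term,
                # A term with no "from" conditions matches everything.
                "match": body["from"] or ["(all traffic)"],
                "applied_to": bindings.get((family, filt), []),
            })
    return findings

if __name__ == "__main__":
    for f in find_packet_mode_terms(SAMPLE_CONFIG):
        print(f"{f['filter']}/{f['term']}: {', '.join(f['match'])} on {f['applied_to'] or 'no interface'}")
```
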


Re: packet mode on SRX and traffic inspection.

‎05-04-2018 03:00 PM

Nice, I was not aware of this option.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home