Message Image

Skip main navigation (Press Enter).

SRX

last person joined: 2 days ago

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Back to discussions

Expand all | Collapse all

show dropped

Jump to Best Answer

Erdem07-21-2017 16:34

is there a command that display dropped traffics by SRX for example host-inbound traffic for ping ...

Erdem07-21-2017 16:42

You would need to create a policy to deny the traffic and log that policy.

spuluka07-22-2017 04:33Best Answer

For traffic destined to the SRX you have to create the policy using the junos-host zone. Log the policy ...

1. show dropped

0 Recommend
Erdem
Posted 07-21-2017 16:34

Reply Reply Privately
is there a command that display dropped traffics by SRX

for example host-inbound traffic for ping is not allowed on the traffic interface and a ping is received ...
2. RE: show dropped

0 Recommend
Erdem
Posted 07-21-2017 16:42

Reply Reply Privately
You would need to create a policy to deny the traffic and log that policy.
3. RE: show dropped
Best Answer

0 Recommend
spuluka
Posted 07-22-2017 04:33

Reply Reply Privately
For traffic destined to the SRX you have to create the policy using the junos-host zone.

Log the policy on session initiation

Be aware that deny logging can generate a LOT of logs on interfaces facing the internet. So local logging will roll over frequently or will consume a lot of space in your syslog.

Powered by Higher Logic