ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

Convert Router Junos firewall filters to ScreenOS policies

05.13.09   |  
‎05-13-2009 02:30 AM

Hi,

 

I'm new in Juniper products, and I new to replicate a M10i router firewall filter configuration to a Netscreen firewall policies.

Is there any way to do it? Or should I configure by hand each filter?

 

Thanks in advance,

Javier

7 REPLIES
Highlighted
ScreenOS Firewalls (NOT SRX)

Re: Convert Router Junos firewall filters to ScreenOS policies

05.13.09   |  
‎05-13-2009 07:44 AM
I'm afraid It has to be done manualy. Of course you could do some scripting if you have many rules.
best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
ScreenOS Firewalls (NOT SRX)

Re: Convert Router Junos firewall filters to ScreenOS policies

05.14.09   |  
‎05-14-2009 01:18 AM

Thanks Screenie,

 

I suposed that I should do it by hand.. but there are more than 30k lines of firewall filter configuration Smiley Sad

I only have a config file, do you know if is there any way to convert it to html o something easier to read?

 

Best regards

ScreenOS Firewalls (NOT SRX)

Re: Convert Router Junos firewall filters to ScreenOS policies

05.14.09   |  
‎05-14-2009 01:40 AM
ScreenOS config to HTML you mean? There's a tool for this http://ns2html.sourceforge.net/  it's creating HTML documentation on your ScreenOS config. Nice tool, gives an overview of your policies.
best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
ScreenOS Firewalls (NOT SRX)

Re: Convert Router Junos firewall filters to ScreenOS policies

05.14.09   |  
‎05-14-2009 02:05 AM

What I would like to convert is Junos M10i config file.

 

I've been read about ns2html, but I'd like to find a junos2html script Smiley Wink

 

Thanks

ScreenOS Firewalls (NOT SRX)

Re: Convert Router Junos firewall filters to ScreenOS policies

05.14.09   |  
‎05-14-2009 02:43 AM
I'm not awre at such a script. I'd go for AWK or PERL to generate objects definition statements. But: you have to deal with zones. So maybe set criterea on network addresses for selecting the right zones?  After that more or less the same for policies. It's a hugh task I'm afraid. Buy a lot of coffee to go along with it!
best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
ScreenOS Firewalls (NOT SRX)

Re: Convert Router Junos firewall filters to ScreenOS policies

05.14.09   |  
‎05-14-2009 03:19 AM

Thanks Screenie,

 

I think that I'm going to need something more than coffee!

 

Regards

ScreenOS Firewalls (NOT SRX)

Re: Convert Router Junos firewall filters to ScreenOS policies

05.14.09   |  
‎05-14-2009 02:09 PM
So come over here, lot's of coffeeshops in Amsterdam Smiley Wink
best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.