Screen OS

This is a legacy community with limited Juniper monitoring.
  • 1.  IP spoofing since I installed new ISP on DMZ interface.

    Posted 11-15-2009 21:18

    I configured our NS5GT for a new ISP on the DMZ interface. The DMZ interface is in route mode and the ADSL modem is set up in bridge mode. I have got policies to allow traffic from

     

    Trust to DMZ and vice versa

    Untrust to DMZ and vice versa

     

    Since I configured it I have been receiving lots of IP spoofing alerts, and they are from different IPs to different ports on our public IP.

    I have tried to turn on screening for the DMZ zone and most of the features are enabled. It is still causing an issue.

     

    Can someone please help me with that?

     

    Regards

    IT Support



  • 2.  RE: IP spoofing since I installed new ISP on DMZ interface.

    Posted 11-15-2009 22:08

    Disable IP spoofing on the DMZ zone via "unset zone untrust screen ip-spoofing"

    If you still have the messages, provide the exact event entry and "get zone DMZ screen"



  • 3.  RE: IP spoofing since I installed new ISP on DMZ interface.

    Posted 11-16-2009 19:06

    Hi Cesar,

     

    Is disabling IP spoofing the only solution?

    I don't want to disable IP spoofing protection at all.

     

    Please suggest.

     

    Cheers !



  • 4.  RE: IP spoofing since I installed new ISP on DMZ interface.
    Best Answer

    Posted 11-16-2009 23:03

    Hi,

     

    Please follow the KB, which explains IP spoofing and how to diagnose it:

    http://kb.juniper.net/KB6185

     

    Thanks

    Atif



  • 5.  RE: IP spoofing since I installed new ISP on DMZ interface.

    Posted 11-17-2009 18:47

    Thanks Atif...

     

    I had a look at it. It is not very useful, but it helped me understand my issue.

     

    Cheers !