Juniper J2300 User Manual page 442
J-series services router
Hide thumbs
Also See for J2300:
- Getting started manual (305 pages) ,
- Quick start quide (26 pages) ,
- Datasheet (2 pages)
Table of Contents
Advertisement
J-series™ Services Router User Guide
Task
Define
not-fragmented-term,
and define the fragment,
protocol, destination port,
and source address match
conditions.
Define the action for
not-fragmented-term.
412
Configuring a Stateless Firewall Filter with a Configuration Editor
J-Web Configuration Editor
1.
On the Filter fragment-RE page, next to
Term, click Add New Entry.
2.
In the Term name box, type
not-fragmented-term.
3.
Next to From, click Configure.
4.
In the Fragment flags box, type 0x0.
5.
In the Fragment offset choice drop-down
list, select Fragment offset.
6.
Next to Fragment offset, select Add New
Entry.
7.
In the Range box, type 0.
8.
Click OK.
9.
In the Protocol choice drop-down list,
select Protocol.
10.
Next to Protocol, click Add new entry.
11.
In the Value keyword drop-down list,
select tcp.
12.
Click OK.
13.
In the Destination port choice drop-down
list, select Destination port.
14.
Next to Destination port, click Add new
entry.
15.
In the Value keyword drop-down list,
select bgp.
16.
Click OK.
17.
Next to Source address, click Add new
entry.
18.
In the Address box, type 10.2.1.0/24.
19.
Click OK twice.
1.
On the Term not-fragmented-term page,
next to Then, click Configure.
2.
In the Designation drop-down list, select
Accept.
3.
Click OK twice.
CLI Configuration Editor
Set the term name and define match
conditions:
set family inet filter fragment-RE
term not-fragmented-term from
fragment-flags 0x0 fragment-offset 0
protocol tcp destination-port bgp
source-address 10.2.1.0/24
Set the action:
set family inet filter fragment-RE
term not-fragmented-term then accept
- Quick Links:
- User Guide
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
