In an effort to learn more about these SRX boxes, I got a used one for my house (along with a 24-port PoE EX2200). I have a couple of questions that I have given the "5 minute rule" but I can't figure out.
1. I have 2 networks: VLAN 10 for computers and VLAN 20 for my security cameras.
The VLANs can only talk if I make a zone with trust to trust and allow all; I assume this is normal. I also have the default deny group configured and it is not showing anything getting blocked:
groups {
    default-deny-template {
        security {
            policies {
                from-zone <*> to-zone <*> {
                    policy defult-deny {
                        match {
                            source-address any;
                            destination-address any;
                            application any;
                        }
                        then {
                            deny;
                            log {
                                session-init;
                            }
                        }
                    }
                }
            }
        }
    }
}

system {
    syslog {
        archive size 100k files 3;
        user * {
            any emergency;
        }
        file messages {
            any any;
            authorization info;
        }
        file interactive-commands {
            any any;
            interactive-commands any;
        }
        file zone-deny {
            any any;
            match RT_FLOW_SESSION;
        }
    }
}

apply-groups default-deny-template;
I deleted my trust to trust zone, deactivated the "apply-groups", and while traffic was blocked the log file did not show this.
Why is this not working?
2. If I run a port scan from the internet it shows all ports open. The untrust to trust is a default deny; I only allow port 80 to my web server. Also, again, the zone-deny does not show any dropped packets. Should I be running a FW filter here?
3. I have one DNAT for my web server. I tried to add another one and it gives me an error (it was a temp one for support for my security camera system).
Am I missing something here? I have done the zone-deny many times at work and it always shows in the logs.
I'm taking the JNCIS-SEC in a few weeks and I'm just trying to learn as much as possible, not only for my job but for my house network.
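An added example, not part of the original post: a small Python parser for syslog lines of the kind the zone-deny file above would collect. It keeps only RT_FLOW_SESSION_DENY events and tallies them by zone pair and by policy name, which tells you whether a blocked flow was logged by the default-deny policy at all or dropped somewhere that produces no RT_FLOW log. The sample lines are constructed for this example and modelled on the RT_FLOW_SESSION_DENY message layout; the addresses, ports, zone names and policy names are assumptions.

```python
import re
from collections import Counter

# Constructed sample syslog lines (not real captures). Line 2 is a session
# CREATE and line 4 is unrelated, to show that "match RT_FLOW_SESSION" in the
# zone-deny file would also collect non-deny RT_FLOW events.
SAMPLE_LOG = """\
Jan  4 10:12:01 srx RT_FLOW: RT_FLOW_SESSION_DENY: session denied 192.168.10.21/51514->192.168.20.40/554 None 6(0) default-deny trust trust UNKNOWN UNKNOWN UNKNOWN
Jan  4 10:12:03 srx RT_FLOW: RT_FLOW_SESSION_CREATE: session created 192.168.10.21/51515->192.168.10.1/80 None 192.168.10.21/51515->192.168.10.1/80 None None 6 allow-web trust untrust 42 N/A(N/A) ge-0/0/1.10
Jan  4 10:12:05 srx RT_FLOW: RT_FLOW_SESSION_DENY: session denied 203.0.113.9/40001->198.51.100.2/22 None 6(0) default-deny untrust trust UNKNOWN UNKNOWN UNKNOWN
Jan  4 10:12:07 srx sshd[1234]: Accepted password for admin from 192.168.10.5
"""

# Fields after "session denied": src/sport->dst/dport, service name,
# protocol(icmp-type), policy name, from-zone, to-zone.
DENY_RE = re.compile(
    r"RT_FLOW_SESSION_DENY: session denied "
    r"(?P<src>[\d.]+)/(?P<sport>\d+)->(?P<dst>[\d.]+)/(?P<dport>\d+) "
    r"\S+ (?P<proto>\d+)\(\d+\) (?P<policy>\S+) (?P<from_zone>\S+) (?P<to_zone>\S+)"
)


def parse_denies(text):
    """Return one dict per RT_FLOW_SESSION_DENY line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = DENY_RE.search(line)
        if m:
            ev = m.groupdict()
            for key in ("sport", "dport", "proto"):
                ev[key] = int(ev[key])
            events.append(ev)
    return events


def denies_by_zone_pair(events):
    """Count denied sessions per (from-zone, to-zone)."""
    return Counter((e["from_zone"], e["to_zone"]) for e in events)


def denies_by_policy(events):
    """Count denied sessions per policy name that logged them."""
    return Counter(e["policy"] for e in events)


if __name__ == "__main__":
    denies = parse_denies(SAMPLE_LOG)
    print(denies_by_zone_pair(denies))
    print(denies_by_policy(denies))
```

If a flow you know was blocked never shows up as a DENY event for its zone pair, the drop was not made by the logged policy, so the place to look is the policy that actually matched rather than the syslog filter.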