Try putting an loopback interface into the vrf e.g lo0.1 and applying the filer to that.
On Sat, Mar 19, 2016 at 4:02 PM, Raphael Mazelier <[email protected]> wrote: > > >> >> On EX, you should be able to protect the RE using a filter on lo0 in the >> main routing instance (not in the VRF itself). >> But be aware that this does not work on tha ACX-series (for some strange >> reason)... >> >> > Yep the firewall filter work for interfaces that are on the main > routing-instance. But for some reason the filter does not apply on traffic > coming from interface placed in a vrf to the RE. > > > -- > Raphael Mazelier > > _______________________________________________ > juniper-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/juniper-nsp > -- Luca Salvatore Manager, Network Team | DigitalOcean Phone: +1 (929) 214-7242 _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
