Hi All,
We have the following VLAN configured on EX 8200 in the same routing-instance
as the following:
Vlan 3 (IT Department) Address 172.22.3.0/24
Vlan 2 (HR Department) Address 172.22.2.0/24
Vlan 6 (Finance Department) Address 172.22.6.0/24
I want to allow IT Vlan to communicate with HR & Finance but I don't want HR &
Finance to communicate with IT Department
I created a filter firewall as the following
firewall {
family inet {
filter TEST {
term 1 {
from {
source-address {
172.22.2.0/24;
172.22.6.0/24;
}
}
then {
discard;
}
}
term 2 {
then accept;
}
}
And then I assign the filter to the interface vlan as the following:
interfaces {
vlan {
unit 3 {
family inet {
address 172.22.2.2/24 {
filter output TEST
The result after applying this change is
HR & Finance are unable to communicate with IT also IT is not communicate with
HR & Finance (not meeting our requirements)
Looking for your support
Regards,
Disclaimer: This message (including any attachments) is confidential and
intended solely for the person or organization to whom it is addressed. It may
contain privileged and confidential information. If you are not the intended
recipient, you should not copy, distribute or take any action in reliance on
it. If you have received this message in error, please notify us immediately by
telephoning or emailing the sender. This footnote also confirms that this email
message has been scanned for the presence of computer viruses.
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
