To enable the SRX Series device to perform the inspection of GPRS Tunneling Protocol (GTP) traffic, you must create a GTP inspection object and then apply it to a policy. GTP inspection objects provide more flexibility in that they allow you to configure multiple policies that enforce different GTP configurations. You can configure the SRX Series device to control GTP traffic differently based on source and destination zones and addresses, action, and so on.
To configure GTP features, you must enter the context of a GTP configuration. To save your settings in the CLI, you must first exit the GTP configuration, then enter the commit command.
In this example, you create a GTP inspection object named LA-NY. You preserve most of the default values, but you enable the Sequence Number Validation feature.
- user@host# set security gprs gtp profile la-ny
- user@host# set security gprs gtp profile la-ny seq-number-validated
- user@host# commit