Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Example: Applying an Outbound Traffic Filter

    After you have configured the outbound firewall filter, you apply it:

    [edit interfaces] fe-0/0/1 {unit 0 {family inet {filter {input ipsec-encrypt-policy-filter;}address 10.1.1.254/24; }}}

    The outbound filter is applied on the Fast Ethernet interface at the [edit interfaces fe-0/0/1 unit 0 family inet] hierarchy level. Any packet matching the IPsec action term (term 1) on the input filter (ipsec-encrypt-policy-filter), configured on the Fast Ethernet interface, is directed to the ES PIC interface at the [edit interfaces es-0/1/0 unit 0 family inet] hierarchy level. If a packet arrives from the source address 10.1.1.0/24 and goes to the destination address 10.2.2.0/24, the Packet Forwarding Engine directs the packet to the ES PIC interface, which is configured with the manual-sa1 SA. The ES PIC receives the packet, applies the manual-sa1 SA, and sends the packet through the tunnel.

    The router must have a route to the tunnel endpoint; add a static route if necessary.

     

    Related Documentation

     

    Published: 2012-11-15

    Previous Page Next Page