Review the services that Enterprise Manager Portal requires to ensure that configuration of these services works in your environment. These services are firewall exceptions—services that define the types of traffic that a firewall admits or blocks.
Enterprise Manager Portal requires that specific services be configured to cover each of the following traffic actions:
These actions are required for each traffic direction; that is, traffic:
Table 12 lists the names of services required by Enterprise Manager Portal. The naming convention for the services specifies both action and direction; for example, for the FWR_Fwd_Out service:
Services configured to reject traffic return a “network-unreachable” ICMP message.
Table 12: Stateless Firewall Services in Sample Data
The services are located under l=entJunosStatelessFW, o=Scopes, o=umc in the sample data. These services and the associated policies configured in the sample data are designed for a subscriber-facing interface on a provider edge device.
In most cases you can use the services as configured. If needed—for example, for a service provider–facing interface in a customer edge device—you can customize the services listed in Table 12, but do not change the names.
To customize services for an enterprise-facing interface, change the configuration for:
You can also create services that provide custom exceptions to a firewall. Portal users can select custom exceptions under Firewall actions on the Firewall page in Enterprise Manager Portal.