Example: Configuring the TCP-Reset Parameter

This example shows how to configure the TCP-Reset parameter for a zone.

• Requirements
• Overview
• Configuration
• Verification

Requirements

Before you begin, configure security zones. See Example: Creating Security Zones.

Overview

When the TCP-Reset parameter feature is enabled, the system sends a TCP segment with the RESET flag set when traffic arrives that does not match an existing session and does not have the SYNchronize flag set.

Configuration

Step-by-Step Procedure

To configure the TCP-Reset parameter for a zone:

1. Configure a security zone.
   [edit]
   user@host# edit security zones security-zone ABC
2. Configure the TCP-Reset parameter for the zone.
   [edit security zones security-zone ABC]
   user@host# set tcp-rst
3. If you are done configuring the device, commit the configuration.
   [edit]
   user@host# commit

Verification

To verify the configuration is working properly, enter the show security zones command.

Related Topics

• Junos OS CLI Reference
• Junos OS Feature Support Reference for SRX Series and J Series Devices
• Understanding How to Identify Duplicate Sessions Using the TCP-Reset Parameter