Solved

specify a range of addresses in SSG140 (Screen OS 6.0.0r5.0 (Firewall+VPN))

Posted on 2008-06-23
7
720 Views
Last Modified: 2012-05-05
I want to have a policy defined for a range of IP address (192.168.0.1-192.168.0.99 and 192.168.2.41-192.168.2.99) in SSG140, from trust -untrust. Bu the problem is that I am not able to define these range of IPs in Policy > Policy Elements > Addresses > List. I am able to define a single IP or a domain name. Can any one tell me how to do it (from web not CLI)

0
Comment
Question by:Zacharia Kurian
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 32

Accepted Solution

by:
dpk_wal earned 250 total points
ID: 21864996
I do not think what you wish to do is possible; you can define either a single IP [add all of them one-by-one really a bad solution] or IP/subnet [you would need to make sure that the subnet is big enough to cover all the IP addresses and there is no overlap] and then use the address object or address object group in the policy.

Other option is to create a policy based routing and in an access list add wildcard which would take care of the IP address you wish to put.
Currently you cannot put the wildcard in a policy, it has to be through a policy based routing [configured in virtual router, along with extended access list, action and match groups, policy and policy binding].

Please let know if you need more details.

Thank you.
0
 
LVL 9

Author Comment

by:Zacharia Kurian
ID: 22210609
After contacting the juniper, I am convinced that I can not assign a range of IPS. So I would like to close this question
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 22211189
Sorry that the device currently does not support what you wish to implement in an easy way.
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 9

Author Comment

by:Zacharia Kurian
ID: 22708781
I have already posted my answer which I got from the Juniper and I requested to close it
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 22709085
I think the solution is what I had suggested as well, comment ID: 21864996.
0
 
LVL 9

Author Comment

by:Zacharia Kurian
ID: 22709607
When I requested to close this question in event  -ID: 22210609, no objection was raised. so how come now? Recently Junipe mentioned that they are working on the problem I mentioned (they consider it as a needed feature in the coming screen OS versions). So where am I?
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 22709740
In my comment I had mentioned "I do not think what you wish to do is possible" and then also possible workarounds for the problem.

So, I think a solution which was technically correct was offered for the problem; don't think that this question should be deleted.

Thank you.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question