• Status: Solved

Disconnect connection in use on Juniper Netscreen 25 firewall

From the GUI:
Objects > Addresses > List
I have a couple of IP addresses that are showing "In Use" that I want to disconnect and then block (including logging for attempts). I am fairly certain I am configuring the block rule correctly; however, this connection has been in a status of "In Use" for quite some time now.

I configured the block rule under:
Policies > Untrust to Trust ANY ANY Deny (Logging enabled)

I want to disconnect any active connections, and ensure this IP address is not connected. Thanks for your help!
1 Solution
The list you mention does not tell you if the object is connected, bud.

Objects > Addresses > List is just a list.

The part re "in use" means that this object is "in use" in a security rule.  Unless you delete all rules and references to the object, it will always say "in use".

To see if there are any live connections going through the box regarding a specific host, you will be better off using the CLI.

Use the following:

get session src-ip <ip address of host>
get session dst-ip <ip address of host>

Have a look at the output. If you want to block all sessions, then your end result is to have nothing returned for both of these. If there are any entries returned, review the src and dst in the entries and add more rules.
mray77 (Author) Commented:
Awesome. Thanks. Obviously I'm pretty green with the GUI.
No worries bud, we all start somewhere.

Let us know if you need anything else. :P
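
The check from the accepted answer, as an added example that is not part of the original thread: a Python script that reads saved output of the two get session commands and reports which policy IDs still carry sessions for the host. The sample output is constructed, its field layout is an assumption modelled on ScreenOS, and the function names are hypothetical.

```python
import re

# Constructed samples. The layout is an assumption modelled on ScreenOS
# "get session" output and may differ between releases; adjust the patterns.
SAMPLE_SRC = """\
alloc 2/max 32064, alloc failed 0, mcast alloc 0, di alloc failed 0
id 118/s**,vsys 0,flag 08000040/0000/0001,policy 7,time 178, dip 0 module 0
 if 0(nspflag 801801):203.0.113.45/51514->192.0.2.10/443,6,0010db000001,sess token 4,vlan 0,tun 0,vsd 0,route 1
 if 3(nspflag 801800):203.0.113.45/51514<-10.1.1.20/443,6,0010db000002,sess token 3,vlan 0,tun 0,vsd 0,route 3
Total 1 sessions shown
"""
SAMPLE_DST = """\
id 204/s**,vsys 0,flag 08000040/0000/0001,policy 12,time 60, dip 0 module 0
 if 3(nspflag 801801):10.1.1.20/40022->203.0.113.45/8080,6,0010db000002,sess token 3,vlan 0,tun 0,vsd 0,route 3
 if 0(nspflag 801800):192.0.2.10/2001<-203.0.113.45/8080,6,0010db000001,sess token 4,vlan 0,tun 0,vsd 0,route 1
"""

HEADER = re.compile(r"^id (\d+)/.*?,policy (-?\d+),")
FLOW = re.compile(r":([\d.]+)/\d+(?:->|<-)([\d.]+)/\d+,")

def parse_sessions(text):
    """Return one dict per session: id, policy, and the address pair of each flow line."""
    sessions, current = [], None
    for line in text.splitlines():
        header = HEADER.match(line)
        if header:
            current = {"id": int(header[1]), "policy": int(header[2]), "endpoints": []}
            sessions.append(current)
            continue
        flow = FLOW.search(line)
        if flow and current is not None:
            current["endpoints"].append((flow[1], flow[2]))
    return sessions

def remaining_sessions(src_output, dst_output, host):
    """Map session id -> policy id for every live session that touches host.
    An empty dict is the "nothing returned" end state the answer describes."""
    found = {}
    for session in parse_sessions(src_output) + parse_sessions(dst_output):
        if any(host in pair for pair in session["endpoints"]):
            found[session["id"]] = session["policy"]
    return found

if __name__ == "__main__":
    live = remaining_sessions(SAMPLE_SRC, SAMPLE_DST, "203.0.113.45")
    for session_id, policy in sorted(live.items()):
        print(f"session {session_id} still allowed by policy {policy}")
```

Each policy ID it reports is a rule matching that host's traffic ahead of the deny rule, which is where to look when adding more rules.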
