• Status: Solved
  • Priority: Medium
  • Security: Public

Disconnect connection in use on Juniper Netscreen 25 firewall

From the GUI:
Objects > Addresses > List
I have a couple of IP addresses that are showing "In Use" that I want to disconnect and then block (including logging for attempts). I am fairly certain I am configuring the block rule correctly; however, this connection has been in a status of "In Use" for quite some time now.

I configured the block rule under:
Policies > Untrust to Trust
1.2.3.4/32 ANY ANY Deny (Logging enabled)

I want to disconnect any active connections, and ensure this IP address is not connected. Thanks for your help!
Asked by: mray77
1 Solution
 
deimark Commented:
The list you mention does not tell you if the object is connected, bud.

Objects > Addresses > List is just a list.

The part re "in use" means that this object is "in use" in a security rule.  Unless you delete all rules and references to the object, it will always say "in use".

To see if there are any live connections going through the box regarding a specific host then you will be better using the CLI.

Use the following:

get session src-ip <ip address of host>
or
get session dst-ip <ip address of host>

Have a look at the output. If you want to block all sessions, then your end result is to have nothing returned for both of these.  If there are any entries returned, review the src and dst in the entries and add more rules.
 
mray77 (Author) Commented:
Awesome. Thanks. Obviously I'm pretty green with the GUI.
 
deimark Commented:
No worries, bud, we all start somewhere.

Let us know if you need anything else. :P
Question has a verified solution.
