Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Range Port Forwarding on Juniper SSG5

Posted on 2013-12-18
6
Medium Priority
?
1,045 Views
Last Modified: 2014-03-19
Hi,

I'm trying to open ports 10000-20000 on a Juniper SSG 5.

I know how to do it for individual ports via VIP but is there a way to do more ports in one go?

Thanks
0
Comment
Question by:MattToner
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 71

Expert Comment

by:Qlemo
ID: 39727264
Just define a custom service using the port range. Then add that service in the VIP definition, and provide the first (!) port to map the VIP to (10000).
The according policy for that VIP will automatically allow traffic from those ports, so nothing to do there, if you already have a policy for the VIP.
0
 

Author Comment

by:MattToner
ID: 39727278
I have tried that, but it hits a limit of 64 ports.
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 39727339
Possible. That's the way VIP works, it is not intended to have such a wide-spread port range, and unless you want to break it down to 64 ports packages, there is no way around.

You should consider using a MIP instead - if you've got more than one public IP, that is.

Or maybe you should explain why you would need to do that - there might be better options.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:MattToner
ID: 39727414
its due to Voice Traffic, (RTP)

I will have a play with MIP instead

Thank you.
0
 
LVL 71

Accepted Solution

by:
Qlemo earned 2000 total points
ID: 39727437
NAT with VoIP might be an issue in itself, but using a MIP is better than a VIP for that.
0
 

Author Comment

by:MattToner
ID: 39727490
done using MIP and working fine now...

Thanks for your help.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question