EX4200 tcp-established Q

Hey,

We are migrating alot of acls from IOS to JunOS on the 4200 platform. The majority of our ACLs are used in the egress direction. A common thing we do in many acls is allow tcp-established and log/syslog certain rules and so forth.

After converting a few ACLs and putting them on the 4200 it soon became apparent that tcp-established and actions such as syslog and log were not supported?!?

I later found this link Firewall Filter Match Conditions and Actions for EX Series Switches which confirmed this.

Is anyone aware of a work around for this? i really cant fathom why some basic features like log would be unsupported?

Any help would be much appreciated.

Thanks

Find more posts tagged with

Comments

hasan1507

Subjected issue is discussed here

ex4200 egress filter with tcp-established - J-Net Community

nel

Hi,

Thanks for that. I spotted it the other day.

nel

11.S1 has resolved the tcp-established issue from the tests conducted...now all we need is the ability to log