Home » Configuring Firewalls » Configuring Juniper Devices

Configuring Juniper Devices


Firewall Analyzer supports the following Juniper devices.

 

Configuring to send Syslog Messages from SRX device

Using J-Web

  1. Log in to the Juniper SRX device.
  2. Click Configure > CLI Tools > Point and Click CLI in the Juniper SRX device.
  3. Expand System and click Syslog.
  4. In the Syslog page, click Add New Entry placed next to 'Host'.
  5. Enter the IP address of the remote Syslog server (i.e., Firewall Analyzer).
  6. Click Apply to save the configuration.

Using CLI

  1. Log in to the Juniper SRX device CLI console.
  2. Execute the following command:
user@host#  set system syslog host <IP address of the remote Syslog server (i.e., Firewall Analyzer)> any any

 

 

Juniper SRX Firewall Syslog Server Configuration

 

To enable logging for Security policy:

Using J-Web

  • Select Configure > Security > Policy > FW Policies.
  • Click on the policy for which you would like to enable logging.
  • Navigate to Logging/Count and in Log Options, select Log at Session Close Time.

Using CLI

  1. Log in to the Juniper SRX device CLI console.
  2. Execute the following command:

user@host# set security policies from-zone trust to-zone untrust policy permit-all then log session-close

 

Juniper SRX Firewall Policy Configuration

Juniper Networks IDP Device (version IDP 50)

Configuring to send Syslog Messages directly from Sensor

  1. Log in to the Juniper Networks IDP device.
  2. Click Device > Report Settings > Enable Syslog in the Juniper Networks IDP device.
  3. Select the Enable Syslog Messages check box.
  4. Click Apply to save the changes.

This configuration will generate syslogs for:

  • All attacks
  • Policy load
  • Restart

This configuration will not provide:

  • Profiler logs
  • Device connect/disconnect logs
  • Interface UP/DOWN logs
  • Logs for Bypass State Changes

Configuring to send Syslog Messages from NSM

  1. Log in to NSM.
  2. Click Action Manager > Action Parameters > Define a Syslog Server in the NSM.
  3. Click Action Manager > Device Log Action Criteria > Category in the NSM.
  4. Select Category = all and Actions = syslog enable
  5. Click Apply to save the changes.

This configuration will generate syslogs for:

  • All attacks
  • Policy load
  • Restart
  • Profiler logs
  • Device connect/disconnect logs

This configuration will not provide:

  • Interface UP/DOWN logs
  • Logs for Bypass State Changes

 

 

Copyright © 2014, ZOHO Corp. All Rights Reserved.
ManageEngine