Dear All,
I hope you are well.
I have configured my UTM Juniper SSG 20 to permit access from the untrust zone by only one IP address, but it doesn't work. I have configured the UTM as follows:
Source: IP address from untrust zone
Dest: IP address of UTM untrust interface
Service: https
etc.
After this configuration, all IP addresses from untrust can get access to the UTM.
I need your help to limit access to only the one IP address from the untrust zone.
Note that I have no other policies from untrust zone to trust zone.
Thanks
No update, please?
Please share your config.
See my config in the attachment.
That is not your config. It is a screenshot of one line of your policies.
Your description is not clear to me. But I think you are trying to restrict access to the SSG web management interface on the untrust zone to a specific IP address.
If this is the case, you would be using the manager-ip function and not security policies.
But manager-ip applies to all interfaces on the device regardless of zone that are enabled for management access. So in addition to adding your outside address you would also need to add the inside network addresses that would need management access on the trust interfaces.
And remember to add the network segment you are currently connected from FIRST, as these restrictions take place immediately, cutting off your access otherwise.
Web UI:
Configuration--Admin--Permitted IPs
CLI:
set admin manager-ip 192.168.0.0 255.255.0.0
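
The lockout caveat from the last reply, as an added example that is not part of the thread: a Python pre-check that reads a planned list of `set admin manager-ip` commands and confirms the first entry covers the current admin session and that every required management source is permitted. The addresses 203.0.113.10 (standing in for the single outside host) and 192.168.1.50 (the current session) and the function names are constructed for illustration.

```python
import ipaddress

def parse_manager_ips(config_text):
    """Return the networks permitted by 'set admin manager-ip <addr> <mask>' lines."""
    nets = []
    for line in config_text.splitlines():
        parts = line.split()
        if parts[:3] == ["set", "admin", "manager-ip"] and len(parts) == 5:
            # strict=False tolerates host bits set in the address field
            nets.append(ipaddress.ip_network(f"{parts[3]}/{parts[4]}", strict=False))
    return nets

def check_plan(config_text, session_ip, required_sources):
    """Check a planned command list before it is entered on the device.

    Returns (first_ok, missing):
      first_ok - True if the first manager-ip entry covers the address the
                 admin is connected from (the restriction applies at once,
                 so any other order can cut off the session)
      missing  - required management sources not covered by any entry
    """
    nets = parse_manager_ips(config_text)
    session = ipaddress.ip_address(session_ip)
    first_ok = bool(nets) and session in nets[0]
    missing = [s for s in required_sources
               if not any(ipaddress.ip_address(s) in n for n in nets)]
    return first_ok, missing

# Constructed sample plans. PLAN_BAD permits only the outside host, which
# also removes management access from the inside network.
PLAN_BAD = """\
set admin manager-ip 203.0.113.10 255.255.255.255
"""
PLAN_GOOD = """\
set admin manager-ip 192.168.0.0 255.255.0.0
set admin manager-ip 203.0.113.10 255.255.255.255
"""

if __name__ == "__main__":
    needed = ["192.168.1.50", "203.0.113.10"]
    for name, plan in (("bad", PLAN_BAD), ("good", PLAN_GOOD)):
        first_ok, missing = check_plan(plan, "192.168.1.50", needed)
        print(f"{name}: first entry covers session={first_ok}, missing={missing}")
```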