SNMP soll über das Management IF erlaubt werden:
snmp {
community woXXXXXX {
authorization read-only;
clients {
172.25.XXX.0/24;
10.0.0.0/8;
}
}
}
Klappt nicht, da es am Firewall abgefangen wird, hier die Korrektur:
admin@SRX1# show | compare
[edit firewall family inet filter accept-common-services]
term accept-ntp { ... }
+ term accept-snmp {
+ filter accept-snmp;
+ }
[edit firewall family inet filter accept-snmp term accept-snmp from]
+ source-address {
+ 172.25.XXX.0/24;
+ 10.0.0.0/8;
+ }
+ protocol udp;
[edit firewall family inet filter accept-snmp term accept-snmp from]
+ interface ge-0/0/15.0;
- interface lo0.0;