Quantcast
Channel: All SRX Services Gateway posts
Viewing all articles
Browse latest Browse all 17645

Re: RT_ALG_WRN_CFG_NEED

$
0
0

Hi all,

I have persistent & consistent the following logs, it is being generating every 4 seconds. It seems that by default MSRPC is enabled.

In order to get some logs via traceoptions about denied the associated traffic (MSRPC ALG), I created the follwing traceoptions with packet filter but I couldn't see any deny in the whole log files -alg_deny. 

If this log -MSRPC being denied, I should be seeing a deny traffic. But not... Where is my mistake or where am I not doing correct troubleshooting? Any ideas please? 

 

May 20 14:07:33 VItSRX320 junos-alg: RT_ALG_WRN_CFG_NEED: MSRPC ALG detected packet from 10.10.3.29/57624 which need extra policy config with UUID:f309ad18-d86a-11d0-a075-00c04fb68820 or 'junos-ms-rpc-any' to let it pass-through on ASL session

 

VItSRX320> show security alg status
ALG Status :
DNS : Enabled
FTP : Enabled
H323 : Enabled
MGCP : Enabled
MSRPC : Enabled
PPTP : Enabled
RSH : Disabled
RTSP : Enabled
SCCP : Disabled
SIP : Disabled
SQL : Disabled
SUNRPC : Enabled
TALK : Enabled
TFTP : Enabled
IKE-ESP : Disabled

VItSRX320>

 

VItSRX320>show configuration security | display set | match alg
set security alg sccp disable
set security alg sip disable

 

My traceoptions with the filter:

set security flow traceoptions file alg_deny files 2 size 1m world-readable
set security flow traceoptions flag all
set security flow traceoptions packet-filter packet_filter1 source-prefix 10.10.3.29

 

 

VItSRX320>file list detail /var/log/ | match alg
-rw-r--r-- 1 root wheel 767199 May 20 13:41 alg_deny
-rw-r--r-- 1 root wheel 84685 May 20 13:40 alg_deny.0.gz

Thanks

Arix

 


Viewing all articles
Browse latest Browse all 17645

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>