Hi,
What should I do when I need to permit SSH access to 20 nos. of random IPs from a huge segment, and deny everything else?
set security policies from-zone trust to-zone srv-frm policy srv-access match source-address srv_admin_list
set security policies from-zone trust to-zone srv-frm policy srv-access match destination-address srv_list
set security policies from-zone trust to-zone srv-frm policy srv-access match source-address-excluded
set security policies from-zone trust to-zone srv-frm policy srv-access match application junos-ssh
set security policies from-zone trust to-zone srv-frm policy srv-access then deny
set security policies from-zone trust to-zone srv-frm policy srv-access then log session-init
set security policies from-zone trust to-zone srv-frm policy srv-access then log session-close
In the "srv_admin_list" I have 10 random IPs. These are allowed to connect, and they are working fine. But when I add more than ten, it refuses to add the IPs, and I get the message that the limit of source-address is 10 nos. I need 20 random IPs to be added. I was forced to use "source-address-excluded" because there is a "permit any any" statement which is used by some traffic which I don't want to disrupt.
Best Regards,
S.Syed