Hello all.....somewhat new to Junos and definitely with firewall filters. I want to achieve a couple basic things in regards to an isolated vlan\subnet I have here.
One is.... in term 1... allow dns, dhcp, ntp, ldap, http\s etc for the devices living on the vlan 2222
Second is, allow only my station (located on another vlan) to be able to ping and ssh to devices on said vlan.
Then...reject everything else.
The filter is created on a 4300 building "core" switch...the subsequent "access" switches (ex3300s) are trunked off of that. All is well connectivity-wise. When I apply the filter (inbound) to the irb interface on the 4300, I cannot ssh or ping the devices that live on vlan 2222.
I've done quite a bit of googling and testing, to no avail-- it should not be this hard! Can somebody enlighten me as to what I'm doing wrong? Do I need to write...