Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] What email address string should the be using while sending email alerts?

0

0

Article ID: KB27468 KB Last Updated: 24 Oct 2013Version: 1.0
Summary:

This article explains different scenarios related to which email address string the firewall should be using for sending email alerts.

Symptoms:

In this example, no combination of domain and host name has been set. The following configuration is on the device with respect to email alert:

set admin mail alert
set admin mail server-name "10.10.10.10"
set admin mail mail-addr1 "abc@juniper.net"

The email server is reachable via interface Ethernet0/0 which is in Trust Zone.

set interface ethernet0/0 ip 10.10.10.100/24

Even though the mail server is reachable via the trust interface, the firewall was using the email address as netscreen_admin@[1.1.1.1] to email alerts.

IP address 1.1.1.1 is the IP address of interface ethernet0/2 which is in the untrust zone.


Cause:

Solution:
The firewall is designed to use the IP address defined on the untrust interface for email alerts.

Case-1 : Multiple interfaces belong to untrust zone.
======


We have two interfaces belonging to the untrust zone:
set interface ethernet2/2 ip 5.5.5.5/24

set interface ethernet2/5 ip 55.55.55.55/24

In this case, the firewall will use the IP address defined on the lowest numbered interface; in this case it will use the IP address of ethernet2/2.

In debug send mail all, we can see the following:

## 2013-05-08 14:55:14 : send: MAIL FROM: <netscreen_admin@[5.5.5.5]>

Case-2 : No interface belongs to untrust zone.
======

In a case where no interface belongs to the untrust zone, the firewall will be using the email string netscreen_admin@[0.0.0.0].

In debug send mail all, the following will be seen:

## 2013-05-08 15:20:14 : send: MAIL FROM: netscreen_admin@[0.0.0.0]
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search