Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] Firewall behavior when Reject is configured as an action in policy options

0

0

Article ID: KB33662 KB Last Updated: 30 Dec 2018Version: 1.0
Summary:

This article explains the behavior of the ScreenOS firewall when traffic on the firewall encounters policy options and Reject is configured as an action in the policy options.

 

Solution:
  • When Reject is configured as an action in the firewall policy options, the firewall drops the packet and sends a Connection Denied message to the originator.

  • In the case of TCP traffic, the firewall sends a TCP RST to the source IP address.

  • In the case of UDP traffic, the firewall drops the packet and sends an ICMP destination unreachable message.

  • For ICMP traffic, the ScreenOS gateway generates no response, and drops the packet.

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search