Juniper SRX Firewall – Allow ‘Ping’

KB ID 0000706 


I was working on an SRX100B Firewall yesterday, and needed to be able to ping the outside interface.


Note: You can quickly enable ping on a physical interface from CLI like so;

set security zone security-zone trust interface ge-0/0/0 host-inbound-traffic system services ping

1. Log into the web console of the Juniper.

2. Navigate to Security > Zones/Screen > Select the ‘Untrust’ Zone > Edit > Host inbound traffic – Interface > Under Interface services add in ‘ping’ > OK.

Note: To allow pinging of the inside interface select the trusted zone.

Juniper Enable PING

3. Then to save the change click Action > Commit.

Juniper Enable ICMP

Related Articles, References, Credits, or External Links

Original Article Written 07/11/12


Author: Migrated

Share This Post On