Juniper SRX Firewall – Allow ‘Ping’

KB ID 0000706 

Problem

I was working on an SRX100B Firewall yesterday, and needed to be able to ping the outside interface.

Solution

Note: You can quickly enable ping on a physical interface from CLI like so;

[box] set security zone security-zone trust interface ge-0/0/0 host-inbound-traffic system services ping
[/box]

1. Log into the web console of the Juniper.

2. Navigate to Security > Zones/Screen > Select the ‘Untrust’ Zone > Edit > Host inbound traffic – Interface > Under Interface services add in ‘ping’ > OK.

Note: To allow pinging of the inside interface select the trusted zone.

3. Then to save the change click Action > Commit.

Related Articles, References, Credits, or External Links

Original Article Written 07/11/12