admin# set security zones security-zone untrust interfaces ge-0/0/0
admin# set security zones security-zone trust interfaces ge-0/0/1
admin# set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic
system-services all
admin# set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic
protocols all
14. Configure basic security policies.
[edit]
admin# set security policies from-zone trust to-zone trust policy policy-name match
source-address any destination-address any application any
admin# set security policies from-zone trust to-zone trust policy policy-name then permit
admin# set security policies from-zone trust to-zone untrust policy policy-name match
source-address any destination-address any application any
admin# set security policies from-zone trust to-zone untrust policy policy-name then permit
NOTE: The actual configuration of the policies depends on your
requirements.
15. Check the configuration for validity.
[edit]
admin# commit check
configuration check succeeds
16. Commit the configuration to activate it on the services gateway.
[edit]
admin# commit
commit complete
17. Optionally, display the configuration to verify that it is correct.
[edit]
admin# show
18. Optionally, configure additional properties by adding the necessary configuration
statements. Then commit the changes to activate them on the services gateway.
[edit]
admin# commit
19. When you have finished configuring the services gateway, exit configuration mode.
Copyright © 2017, Juniper Networks, Inc.80
SRX345 Services Gateway Hardware Guide
To Next Page
Loading...
