[edit]
admin# set security zones security-zone untrust interfaces ge-0/0/0
admin# set security zones security-zone trust interfaces ge-0/0/1
admin# set security zones security-zone trust interfaces ge-0/0/1.0
host-inbound-traffic system-services all
admin# set security zones security-zone trust interfaces ge-0/0/1.0
host-inbound-traffic protocols all
13. Configure basic security policies.
[edit]
admin# set security policies from-zone trust to-zone untrust policy policy-name match
source-address any destination-address any application any
admin# set security policies from-zone trust to-zone untrust policy policy-name then
permit
14. Create a Network Address Translation (NAT) rule for source translation of all
Internet-bound traffic.
[edit]
admin# set security nat source rule-set interface-nat from zone trust
admin# set security nat source rule-set interface-nat to zone untrust
admin# set security nat source rule-set interface-nat rule rule1 match source-address
0.0.0.0/0 destination-address 0.0.0.0/0
admin# set security nat source rule-set interface-nat rule rule1 then source-nat interface
15. Check the configuration for validity.
[edit]
admin# commit check
configuration check succeeds
16. Commit the configuration to activate it on the device.
[edit]
admin# commit
commit complete
17. Optionally, display the configuration to verify that it is correct.
[edit]
admin# show
18. Optionally, configure additional properties by adding the necessary configuration
statements. Then commit the changes to activate them on the services gateway.
[edit]
admin@device# commit
19. When you have finished configuring the services gateway, exit configuration mode.
[edit]
admin@device# exit
admin@device>
Related
Documentation
Connecting to the SRX550 High Memory Services Gateway from the CLI Locally on
page 131
•
• Connecting to the SRX550 High Memory Services Gateway from the CLI Remotely on
page 133
135Copyright © 2016, Juniper Networks, Inc.
Chapter 18: Performing Initial Configuration
To Next Page
Loading...
