Security Mode Configuration Commands
117
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Keyword (might consist of two
separate words)
Associated Keyword to Select or
Parameter to Type
Description
Service name, action, and schedule
service_name
default_services
ANY, AIM, BGP, BOOTP_CLIENT,
BOOTP_SERVER, CU-SEEME:UDP,
CU-SEEME:TCP, DNS:UDP, DNS:TCP,
FINGER, FTP, HTTP, HTTPS,
ICMP-TYPE-3, ICMP-TYPE-4,
ICMP-TYPE-5, ICMP-TYPE-6,
ICMP-TYPE-7, ICMP-TYPE-8,
ICMP-TYPE-9, ICMP-TYPE-10,
ICMP-TYPE-11, ICMP-TYPE-13,
ICQ, IMAP2, IMAP3, IRC, NEWS, NFS,
NNTP, PING, POP3, PPTP, RCMD,
REAL-AUDIO, REXEC, RLOGIN,
RTELNET, RTSP:TCP, RTSP:UDP,
SFTP, SMTP, SNMP:TCP, SNMP:UDP,
SNMP-TRAPS:TCP,
SNMP-TRAPS:UDP, SQL-NET,
SSH:TCP, SSH:UDP, STRMW
ORKS,
TACACS, TELNET, TFTP, RIP, IKE,
SHTTPD, IPSEC-UDP-ENCAP, IDENT,
VDOLIVE, SSH, SIP-TCP, SIP-UDP,
NFS-TCP, or RPC-TCP
Specifies the default service and
protocol to which the firewall rule
applies.
service_name
custom_services
custom service name The custom service that you have
configured with the security
services add command and to
which the firewall rule applies.
action ALWAYS_BLOCK, ALWAYS_ALLOW,
BLOCK_BY_SCHEDULE_ELSE_ALLOW,
or
ALLOW_BY_SCHEDULE_ELSE_BLOCK
Specifies the type of action to be
enforced by the rule.
schedule Schedule1, Schedule2, or
Schedule3
Specifies the schedule, if any, that
is applicable to the rule.
LAN user addresses or LAN group and WAN user addresses
lan_users address_wise ANY, SINGLE_ADDRESS, or
ADDRESS_RANGE
Specifies the type of LAN address.
The address_wise and
group_wise keywords are
mutually exclusive.
lan_user_start_ip ipaddress There are two options:
• The IP address if the lan_users
address_wise keywords are set
to SINGLE_ADDRESS.
• The start IP address if the
lan_users address_wise
keywords are set to
ADDRESS_RANGE.
To Next Page
Loading...
