Security Mode Configuration Commands
138
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Command example:
SRX5308>
security firewall ipv4 add_rule dmz_wan inbound
security-config[firewall-ipv4-dmz-wan-inbound]>
service_name custom_services BOOTP_CLIENT
security-config[firewall-ipv4-dmz-wan-inbound]>
action ALWAYS_ALLOW
security-config[firewall-ipv4-dmz-wan-inbound]>
send_to_dmz_server_ip 192.168.24.112
security-config[firewall-ipv4-dmz-wan-inbound]>
translate_to_port_number enable Y
dmz_user_start_ip ipaddress There are two options:
• The IP address if the dmz_users
keyword is set to
SINGLE_ADDRESS.
• The start IP address if the
dmz_users keyword is set to
ADDRESS_RANGE.
dmz_user_end_ip ipaddress The end IP address if the
dmz_users keyword is set to
ADDRESS_RANGE.
wan_users address_wise ANY, SINGLE_ADDRESS, or
ADDRESS_RANGE
Specifies the type of WAN address.
The address_wise and
group_wise keywords are
mutually exclusive.
wan_user_start_ip ipaddress There are two options:
• The IP address if the wan_user
keyword is set to
SINGLE_ADDRESS.
• The start IP address if the
wan_user keyword is set to
ADDRESS_RANGE.
wan_user_end_ip ipaddress The end IP address if the
wan_user keyword is set to
ADDRESS_RANGE.
wan_users group_wise group name The name of the WAN IP group.
The WAN IP group name is a name
that you have specified with the
security services ip_group add
command.
The address_wise and
group_wise keywords are
mutually exclusive.
QoS profile and logging
qos_profile profile name The name of the QoS profile that
you have specified with the security
services qos_profile add command.
log NEVER or ALWAYS Specifies whether logging is
disabled or enabled.
Keyword (might consist of two
separate words)
Associated Keyword to Select or
Parameter to Type
Description
To Next Page
Loading...
