Security Mode Configuration Commands
142
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Command example: See the command example for the security firewall ipv4 add_rule dmz_wan
inbound command.
Related show command: show security firewall ipv4 setup dmz_wan
security firewall ipv4 add_rule lan_dmz outbound
This command configures a new IPv4 LAN DMZ outbound firewall rule. After you have issued
the security firewall ipv4 add_rule lan_dmz outbound command, you enter
the security-config [firewall-ipv4-lan-dmz-outbound] mode, and then you can configure one
keyword and associated parameter or associated keyword at a time in the order that you
prefer. However, note that the setting of the action keyword determines which other
keywords and parameters can you can apply to a rule.
wan_user_end_ip ipaddress The end IP address if the
wan_user keyword is set to
ADDRESS_RANGE.
wan_users group_wise group name The name of the WAN IP group.
The WAN IP group name is a name
that you have specified with the
security services ip_group add
command.
The address_wise and
group_wise keywords are
mutually exclusive.
QoS profile and logging
qos_profile profile name The name of the QoS profile that
you have specified with the security
services qos_profile add command.
log NEVER or ALWAYS Specifies whether logging is
disabled or enabled.
Step 1 Format security firewall ipv4 add_rule lan_dmz outbound
Mode security
Step 2 Format service_name {default_services <default service name> |
{custom_services <custom service name>}
action {ALWAYS_BLOCK | ALWAYS_ALLOW |
BLOCK_BY_SCHEDULE_ELSE_ALLOW {schedule {Schedule1 |
Schedule2 | Schedule3}} | ALLOW_BY_SCHEDULE_ELSE_BLOCK
{schedule {Schedule1 | Schedule2 | Schedule3}}}
Keyword (might consist of two
separate words)
Associated Keyword to Select or
Parameter to Type
Description
To Next Page
Loading...
