Security Mode Configuration Commands
148
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Command example: See the command example for the security firewall ipv4 add_rule lan_dmz
outbound command.
Related show command: show security firewall ipv4 setup lan_dmz
security firewall ipv4 add_rule lan_dmz inbound
This command configures a new IPv4 LAN DMZ inbound firewall rule. After you have issued
the security firewall ipv4 add_rule lan_dmz inbound command, you enter the
security-config [firewall-ipv4-lan-dmz-outbound] mode, and then you can configure one
keyword and associated parameter or associated keyword at a time in the order that you
prefer. However, note that the setting of the action keyword determines which other
keywords and parameters can you can apply to a rule.
Logging
log NEVER or ALWAYS Specifies whether logging is
disabled or enabled.
Step 1 Format security firewall ipv4 add_rule lan_dmz inbound
Mode security
Step 2 Format service_name {default_services <default service name> |
{custom_services <custom service name>}
action {ALWAYS_BLOCK | ALWAYS_ALLOW |
BLOCK_BY_SCHEDULE_ELSE_ALLOW {schedule {Schedule1 |
Schedule2 | Schedule3}} | ALLOW_BY_SCHEDULE_ELSE_BLOCK
{schedule {Schedule1 | Schedule2 | Schedule3}}}
lan_users {address_wise {ANY | SINGLE_ADDRESS {lan_user_start_ip
<ipaddress>} | ADDRESS_RANGE {lan_user_start_ip <ipaddress>}
{lan_user_end_ip <ipaddress>}} | group_wise <group name>}
dmz_users {ANY | SINGLE_ADDRESS {dmz_user_start_ip <ipaddress>}
| ADDRESS_RANGE {dmz_user_start_ip <ipaddress>}
{dmz_user_end_ip <ipaddress>}}
log {NEVER | AL
WAYS}
Mode security-config [firewall-ipv4-lan-dmz-inbound]
Keyword (might consist of two
separate words)
Associated Keyword to Select or
Parameter to Type
Description
To Next Page
Loading...
