Security Mode Configuration Commands
149
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Keyword (might consist of two
separate words)
Associated Keyword to Select or
Parameter to Type
Description
Service name, action, and schedule
service_name
default_services
ANY, AIM, BGP, BOOTP_CLIENT,
BOOTP_SERVER, CU-SEEME:UDP,
CU-SEEME:TCP, DNS:UDP, DNS:TCP,
FINGER, FTP, HTTP, HTTPS,
ICMP-TYPE-3, ICMP-TYPE-4,
ICMP-TYPE-5, ICMP-TYPE-6,
ICMP-TYPE-7, ICMP-TYPE-8,
ICMP-TYPE-9, ICMP-TYPE-10,
ICMP-TYPE-11, ICMP-TYPE-13,
ICQ, IMAP2, IMAP3, IRC, NEWS, NFS,
NNTP, PING, POP3, PPTP, RCMD,
REAL-AUDIO, REXEC, RLOGIN,
RTELNET, RTSP:TCP, RTSP:UDP,
SFTP, SMTP, SNMP:TCP, SNMP:UDP,
SNMP-TRAPS:TCP,
SNMP-TRAPS:UDP, SQL-NET,
SSH:TCP, SSH:UDP, STRMW
ORKS,
TACACS, TELNET, TFTP, RIP, IKE,
SHTTPD, IPSEC-UDP-ENCAP, IDENT,
VDOLIVE, SSH, SIP-TCP, SIP-UDP,
NFS-TCP, or RPC-TCP
Specifies the default service and
protocol to which the firewall rule
applies.
service_name
custom_services
custom service name Specifies the custom service that
you have configured with the
security services add command
and to which the firewall rule
applies.
action ALWAYS_BLOCK, ALWAYS_ALLOW,
BLOCK_BY_SCHEDULE_ELSE_ALLOW,
or
ALLOW_BY_SCHEDULE_ELSE_BLOCK
Specifies the type of action to be
enforced by the rule.
schedule Schedule1, Schedule2, or
Schedule3
Specifies the schedule, if any, that
is applicable to the rule.
LAN user addresses or LAN group and DMZ user addresses
lan_users address_wise ANY, SINGLE_ADDRESS, or
ADDRESS_RANGE
Specifies the type of LAN address.
The address_wise and
group_wise keywords are
mutually exclusive.
lan_user_start_ip ipaddress There are two options:
• The IP address if the lan_users
address_wise keywords are set
to SINGLE_ADDRESS.
• The start IP address if the
lan_users address_wise
keywords are set to
ADDRESS_RANGE.
To Next Page
Loading...
