Management
Reply
Contributor
Big_Vi
Posts: 14
Registered: ‎04-08-2009
0

How to create IP range object for security policy?

[ Edited ]

Hi all,

 

Maybe this question is really stupid/easy for you (in this case I'll be happy if you have the solution) but I can't find a way to create an IP range object into NSM or Screenos like it is possible with checkpoint...

 

I want for exemple create an object with IP range 192.168.61 to 192.168.63 t. Is there a way to do that? I cant do this with network object and subnet/wildcard mask.

 

Thank you in advance for your help

 

Vince

Message Edited by Big_Vi on 09-14-2009 05:38 AM
Trusted Contributor
Optimist
Posts: 60
Registered: ‎09-09-2009
0

Re: How to create IP range object for security policy?

This is not possible.

 

you have to create 3 host entries and group them together.

Then you can use this group in your policy.

 

If this worked for you please flag my post as an "Accepted Solution" so others can benefit.
A kudo would be cool if you think I earned it.

 

Visitor
stockho
Posts: 4
Registered: ‎11-10-2009
0

Re: How to create IP range object for security policy?

Hi,

How it coulb be an acceptable solution???

If someone have to do this with a subnet in class A it's  not manageable!!!

 

it's my case, so does anyone get an admissible solution?

 

Thx in advance

Contributor
yemgi
Posts: 57
Registered: ‎11-09-2009
0

Re: How to create IP range object for security policy?

stockho in your case, you just have to creat a class A object, there is no difficulty to this.

The OP question was about 3 contiguous subnets that could not be supernetted.

Visitor
stockho
Posts: 4
Registered: ‎11-10-2009
0

Re: How to create IP range object for security policy?

Hi,

In my case i got to assign a range ip in my subnet in order to autorize it to make some action.

There is my network 10.0.0.0/16

 

Is it possible to autorize the range 10.0.2.1 - 10.0.2.254 to use http on a special public ip and to autorize the other ip to use http with an other public ip?

 

Sincerely

Contributor
yemgi
Posts: 57
Registered: ‎11-09-2009
0

Re: How to create IP range object for security policy?

You need to create 2 rules, the most restrictive first:

 

1: 10.0.2.0/24 => [public_IP1]:80

2: 0.0.0.0/0 => [public_IP2]:80

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.