SRX

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  utm policy

    Posted 08-11-2014 02:17

    Hi, 

    I've configured 3 VLANs in one zone (Inside), then I defined web filtering and it's working properly for the zone. Now I want to apply the web filtering to just two VLANs in the Inside zone.

    How can I do that?

     

    Regards,



  • 2.  RE: utm policy
    Best Answer

    Posted 08-11-2014 03:33

    Hi 

    You can achieve this by configuring the two VLAN subnets in one security policy and calling the UTM service in that policy.

    For the remaining one subnet you can not call the UTM policy.

    set security policies from-zone trust to-zone untrust policy utm-permit match source-address [ vlan-1-subnet vlan-2-subnet ]
    set security policies from-zone trust to-zone untrust policy utm-permit match destination-address any
    set security policies from-zone trust to-zone untrust policy utm-permit match application any
    set security policies from-zone trust to-zone untrust policy utm-permit then permit application-services utm-policy web-filtering-policy

    set security policies from-zone trust to-zone untrust policy default-permit match source-address vlan-3-subnet
    set security policies from-zone trust to-zone untrust policy default-permit match destination-address any
    set security policies from-zone trust to-zone untrust policy default-permit match application any
    set security policies from-zone trust to-zone untrust policy default-permit then permit

     

    Something like above.

     

    Regards,

    c_r

    Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too
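
A check on the approach in this thread, as an added example that is not part of the original posts: set commands that reuse one policy name are merged into a single policy, so the exempt VLAN only bypasses web filtering when the filtered VLANs sit in a policy of their own. The parser, the policy name `utm-permit`, and the address-book names are assumptions; both inputs are constructed.

```python
import re

# Parses only the policy lines used in this thread (set format).
LINE = re.compile(r"set security policies from-zone (\S+) to-zone (\S+) "
                  r"policy (\S+) (match|then) (.+)")

def build_policies(text):
    """Merge set commands as the candidate config does: same name, same policy."""
    policies = {}  # insertion order stands in for policy evaluation order
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        frm, to, name, kind, rest = m.groups()
        pol = policies.setdefault((frm, to, name), {"src": [], "utm": None})
        words = rest.replace("[", " ").replace("]", " ").split()
        if kind == "match" and words[:1] == ["source-address"]:
            pol["src"] += [w for w in words[1:] if w not in pol["src"]]
        elif words[:3] == ["permit", "application-services", "utm-policy"] and len(words) > 3:
            pol["utm"] = words[3]  # a later plain "then permit" does not clear this
    return policies

def utm_for(policies, frm, to, src):
    """Return (policy, utm-policy) for the first policy that lists src."""
    for (f, t, name), pol in policies.items():
        if (f, t) == (frm, to) and (src in pol["src"] or "any" in pol["src"]):
            return name, pol["utm"]
    return None, None  # nothing matched in this zone pair

P = "set security policies from-zone trust to-zone untrust policy "
# Constructed input 1: one policy name reused for both rule sets.
REUSED = "\n".join(P + s for s in (
    "default-permit match source-address [ vlan-1-subnet vlan-2-subnet ]",
    "default-permit then permit application-services utm-policy web-filtering-policy",
    "default-permit match source-address vlan-3-subnet",
    "default-permit then permit"))
# Constructed input 2: the filtered VLANs get their own policy (assumed name).
SPLIT = "\n".join(P + s for s in (
    "utm-permit match source-address [ vlan-1-subnet vlan-2-subnet ]",
    "utm-permit then permit application-services utm-policy web-filtering-policy",
    "default-permit match source-address vlan-3-subnet",
    "default-permit then permit"))

if __name__ == "__main__":
    for label, cfg in (("reused", REUSED), ("split", SPLIT)):
        print(label, utm_for(build_policies(cfg), "trust", "untrust", "vlan-3-subnet"))
```

If `default-permit` already exists on the device, a newly created policy is appended after it; `insert security policies from-zone trust to-zone untrust policy utm-permit before policy default-permit` moves the filtered policy ahead of it.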