04-30-2010 02:28 PM
The defaut policy for any zone to zone traffic is deny. You can override this select by placing a default allow rule at the bottom of the policy stack.
When you create a zone the default setting is to allow intrazone traffic but you can change that to deny as part of the zone configuration.
Senior IP Engineer - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
JNCIA-Junos JNCIS-SEC JNCIP-SEC JNCSP-SEC
JNCDA JNCDS-DC JNCDS-SEC
ACE PanOS 6