ScreenOS Firewalls (NOT SRX)
Reply
Contributor
ye_line
Posts: 26
Registered: ‎04-22-2010
0

Default policy For SSG

Hi There:

 

may advise the default policy in the following platform, global policy is permit or deny  :

 

SSG5  

SSG20

SSG140

SSG320M

SSG350M

SSG520M

SSG550M

 

Thanks for any feedback.

 

Bin

 

 

Super Contributor
ELKIM
Posts: 227
Registered: ‎12-01-2008
0

Re: Default policy For SSG

Hi

 

if im not wrong all juniper firewall have default policy with deny action

 

thanks


EL

Distinguished Expert
spuluka
Posts: 2,610
Registered: ‎03-30-2009
0

Re: Default policy For SSG

The defaut policy for any zone to zone traffic is deny.  You can override this select by placing a default allow rule at the bottom of the policy stack.

 

When you create a zone the default setting is to allow intrazone traffic but you can change that to deny as part of the zone configuration.

Steve Puluka BSEET
Juniper Ambassador
Senior Network Engineer - UPMC Pittsburgh, PA
JNCIA-ER JNCIA-EX JNCIS-SEC JNCIP-SEC
JNCIS-FWV JNCIS-SSL
MCP - Managing Server 2003 MCP - Windows XP Professional
MCTS Windows 7
http://puluka.com/home
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.