ScreenOS Firewalls (NOT SRX)
Reply
Contributor
rgmhtt
Posts: 46
Registered: ‎08-26-2009
0

Grouping zones for policies

I have a zone, servers that I have the same policy for other zones to access.

 

I would like to be able to set up one policy for what all the other zones (6) have to follow to access systems in my server zone.  But there does not seem to be any way to group zones?

 

 

Super Contributor
arizvi
Posts: 287
Registered: ‎10-21-2008
0

Re: Grouping zones for policies

Hi,

 

You can use the Globa Policies like :

set policy from Untrust to Global "Any" "Any" Any Permit

 

For detail about the Global policies , please go through the following link:

http://www.juniper.net/techpubs/software/screenos/screenos6.1.0/ce_v2.pdf Page 162.

 

Thanks

Atif

Contributor
rgmhtt
Posts: 46
Registered: ‎08-26-2009
0

Re: Grouping zones for policies

But it won't allow me to use Global as the source zone, only the destination zone.

 

I want ANY connection from anywhere to my server zone to be control by a specific policy.

 

I would need:

 

set policy from Global to Untrust "Any" "Any" Any Permit

 

Which does not seem to be allowed.  At least via the GUI.

 

 

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.