SRX Services Gateway
SRX Services Gateway

Address books SRX

[ Edited ]
‎01-31-2020 06:46 AM



I'm trying to create an address-book with admin's IP addresses from different subnets/vlan, but with problems..


root@SRX2# show security address-book admins 
address admin-cable;
address admin-wifi;

root@SRX2# show security policies from-zone mobile to-zone managment policy permit-admins          
match {
    source-address admins;
    destination-address any;
    application any;
then {

root@SRX2# commit 

[edit security policies from-zone mobile to-zone managment]
  'policy permit-admins'
    Source address or address_set (admins) not found.
error: configuration check-out failed

The address-book has not be found when commiting. How to create such address-book?

SRX Services Gateway

Re: Address books SRX

‎01-31-2020 09:22 AM

Hi Gabriel,


Greetings, Is this particular address book Attached to a zone? 


for example:


Attach the address book to a security zone.

[edit security address-book Eng-dept]
user@host# set attach zone trust


Lil Dexx JNCIE-ENT#863


If this solves your problem, please mark this post as "Accepted Solution" so we can help others too \Smiley Happy/


SRX Services Gateway
Accepted by topic author Gabriel-
‎02-05-2020 12:05 AM

Re: Address books SRX

‎02-01-2020 06:13 AM

Typically you will create the address and address-set objects under the zone hierarchy.  

The top level is for the global zone.


set security zones security-zone trust address-book address admin-cable

set security zones security-zone trust address-book address-set address permit-admins address admin-cable


Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)