SRX Services Gateway
Highlighted
SRX Services Gateway

Address books SRX

[ Edited ]
‎01-31-2020 06:46 AM

Hello,

 

I'm trying to create an address-book with admin's IP addresses from different subnets/vlan, but with problems..

 

root@SRX2# show security address-book admins 
address admin-cable 192.168.3.10/32;
address admin-wifi 192.168.4.10/32;

root@SRX2# show security policies from-zone mobile to-zone managment policy permit-admins          
match {
    source-address admins;
    destination-address any;
    application any;
}
then {
    permit;
}


root@SRX2# commit 


[edit security policies from-zone mobile to-zone managment]
  'policy permit-admins'
    Source address or address_set (admins) not found.
error: configuration check-out failed

The address-book has not be found when commiting. How to create such address-book?

2 REPLIES 2
Highlighted
SRX Services Gateway

Re: Address books SRX

‎01-31-2020 09:22 AM

Hi Gabriel,

 

Greetings, Is this particular address book Attached to a zone? 

 

for example:

 

Attach the address book to a security zone.

content_copyzoom_out_map
[edit security address-book Eng-dept]
user@host# set attach zone trust
 
 

 

Regards,
Lil Dexx JNCIE-ENT#863

 

If this solves your problem, please mark this post as "Accepted Solution" so we can help others too \Smiley Happy/

 

 
Highlighted
SRX Services Gateway
Solution
Accepted by topic author Gabriel-
‎02-05-2020 12:05 AM

Re: Address books SRX

‎02-01-2020 06:13 AM

Typically you will create the address and address-set objects under the zone hierarchy.  

The top level is for the global zone.

 

set security zones security-zone trust address-book address admin-cable 192.168.3.10/32

set security zones security-zone trust address-book address-set address permit-admins address admin-cable

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home