Hi All, I am not sure what i am doing wrong :
The requirement is to allow port 8084 in an existing policy which looks like below:
I added the below commands from the config mode but each time i try to commit the config i see below error messages:
Error messages:
JUNFW-01# commit
[edit security policies from-zone untrust to-zone dmz policy MONITORWEB]
'match'
Missing mandatory statement: 'source-address'
[edit security policies from-zone untrust to-zone dmz policy MONITORWEB]
'match'
Missing mandatory statement: 'destination-address'
[edit security policies from-zone untrust to-zone dmz]
'policy MONITORWEB'
Missing mandatory statement: 'then'
error: commit failed: (missing statements)
Newly added commands
--------------------------------
set security policies from-zone untrust to-zone DMZ policy MONITORWEB match source-address any
set security policies from-zone untrust to-zone DMZ policy MONITORWEB match destination-address monitorweb
set security policies from-zone untrust to-zone DMZ policy MONITORWEB match application tcp-8084
set security policies from-zone untrust to-zone DMZ policy MONITORWEB then permit
Existing config:
-----------------------
from-zone untrust to-zone DMZ {
policy MONITORWEB {
match {
source-address any;
destination-address monitorweb;
application [ junos-http junos-https ];
}
then {
permit;