ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

Grouping zones for policies

08.29.09   |  
‎08-29-2009 07:49 PM

I have a zone, servers that I have the same policy for other zones to access.

 

I would like to be able to set up one policy for what all the other zones (6) have to follow to access systems in my server zone.  But there does not seem to be any way to group zones?

 

 

2 REPLIES
ScreenOS Firewalls (NOT SRX)

Re: Grouping zones for policies

08.30.09   |  
‎08-30-2009 01:51 AM

Hi,

 

You can use the Globa Policies like :

set policy from Untrust to Global "Any" "Any" Any Permit

 

For detail about the Global policies , please go through the following link:

http://www.juniper.net/techpubs/software/screenos/screenos6.1.0/ce_v2.pdf Page 162.

 

Thanks

Atif

ScreenOS Firewalls (NOT SRX)

Re: Grouping zones for policies

08.30.09   |  
‎08-30-2009 06:59 AM

But it won't allow me to use Global as the source zone, only the destination zone.

 

I want ANY connection from anywhere to my server zone to be control by a specific policy.

 

I would need:

 

set policy from Global to Untrust "Any" "Any" Any Permit

 

Which does not seem to be allowed.  At least via the GUI.