EasyManuals Logo
Home>Juniper>Network Hardware>Junos OS

Juniper Junos OS User Manual

Juniper Junos OS
158 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #50 background imageLoading...
Page #50 background image
Table 8: Address Books Configuration (continued)
Server IP Address-Address BookZones
192.168.1.2/24PC-TrustTrust
Create security policies as shown in Table 9 on page 34.
Table 9: Security Policy Configuration
ActionTo ZoneFrom ZonePolicy Name
Permit SMTP trafficDMZTrustpermit-mail-trust-DMZ
Permit HTTP trafficDMZDMZpermit-http-in-DMZ
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, copy and paste the commands into the CLI at the [edit] hierarchy level,
and then enter commit from configuration mode.
delete interfaces ge-0/0/1 unit 0 family ethernet-switching
set interfaces ge-0/0/1 unit 0 family inet address 192.168.2.1/24
set security zones security-zone DMZ interfaces ge-0/0/1 host-inbound-traffic
system-services all
set security zones security-zone DMZ address-book address Server-HTTP-1 192.168.2.2/24
set security zones security-zone DMZ address-book address Server-HTTP-2 192.168.2.3/24
set security zonessecurity-zone DMZ address-book address Server-SMTP 192.168.2.4/24
set security zones security-zone DMZ address-book address-set DMZ-address-set-http
address Server-HTTP-1
set security zones security-zone DMZ address-book address-set DMZ-address-set-http
address Server-HTTP-2
set security zones security-zone trust address-book address PC-Trust 192.168.1.2/32
set security policies from-zone trust to-zone DMZ policy permit-mail-trust-DMZ match
source-address PC-Trust
set security policies from-zone trust to-zone DMZ policy permit-mail-trust-DMZ match
destination-address Server-SMTP
set security policies from-zone trust to-zone DMZ policy permit-mail-trust-DMZ match
application junos-smtp
set security policies from-zone trust to-zone DMZ policy permit-mail-trust-DMZ then
permit
set security policies from-zone DMZ to-zone DMZ policy permit-http-in-DMZ match
source-address DMZ-address-set-http
set security policies from-zone DMZ to-zone DMZ policy permit-http-in-DMZ match
destination-address DMZ-address-set-http
set security policies from-zone DMZ to-zone DMZ policy permit-http-in-DMZ match
application junos-http
set security policies from-zone DMZ to-zone DMZ policy permit-http-in-DMZ then permit
Copyright © 2016, Juniper Networks, Inc.34
Getting Started Guide for Branch SRX Series

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Juniper Junos OS and is the answer not in the manual?

Juniper Junos OS Specifications

General IconGeneral
BrandJuniper
ModelJunos OS
CategoryNetwork Hardware
LanguageEnglish

Related product manuals