CLI Configuration

To configure an address book, to configure a policy from the internal zone to the external zone, and to configure policies from the external zone to the internal zone, follow the sequence of steps listed below:

1. Configure an address book.

   user@host# set security zones security-zone public address-book address ip_phone 2.2.2.5/32

2. Configure a policy from the internal zone to the external zone.

   user@host# set security policies from-zone private to-zone public policy p1 match source-address any

   user@host# set security policies from-zone private to-zone public policy p1 match destination-address ip_phone

   user@host# set security policies from-zone private to-zone public policy p1 match application junos-h323

   user@host# set security policies from-zone private to-zone public policy p1 then permit

3. Configure policies from the external zone to the internal zone.

   user@host# set security policies from-zone public to-zone private policy p2 match source-address any

   user@host# set security policies from-zone public to-zone private policy p2 match destination-address ip_phone

   user@host# set security policies from-zone public to-zone private policy p2 match application junos-h323

   user@host# set security policies from-zone public to-zone private policy p2 then permit

4. If you are finished configuring the J-series device, commit the configuration.