[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

CLI Configuration

  1. Configure addresses.
    user@host# set security zones security-zone external address-book address IP_Phone 2.2.2.5/32
    user@host# set security zones security-zone internal address-book address gatekeeper 2.2.2.10/32
  2. Configure a policy from the internal zone to the external zone.
    user@host# set security policies from-zone internal to-zone external policy p_1 match source-address any
    user@host# set security policies from-zone internal to-zone external policy p_1 match destination-address IP_Phone
    user@host# set security policies from-zone internal to-zone external policy p_1 match application junos-h323
    user@host# set security policies from-zone internal to-zone external policy p_1 then permit
  3. Configure a policy to allow traffic between the internal zone and the gatekeeper in the external zone.
    user@host# set security policies from-zone internal to-zone external p_2 match source-address any
    user@host# set security policies from-zone internal to-zone external policy p_2 match destination-address gatekeeper
    user@host# set security policies from-zone internal to-zone external policy p_2 match application junos-h323
    user@host# set security policies from-zone internal to-zone external policy p_2 then permit
  4. Configure a policy to allow traffic between phones in the internal zone and the external zone.
    user@host# set security policies from-zone external to-zone internal policy p_3 match source-address IP_Phone
    user@host# set security policies from-zone external to-zone internal policy p_3 match destination-address any
    user@host# set security policies from-zone external to-zone internal policy p_3 match application junos-h323
    user@host# set security policies from-zone external to-zone internal policy p_3 then permit
  5. Configure a policy to allow traffic between phones in the internal zone and the gatekeeper in the external zone.
    user@host# set security policies from-zone external to-zone internal policy id_4 match source-address gatekeeper
    user@host# set security policies from-zone external to-zone internal policy p_4 match destination-address any
    user@host# set security policies from-zone external to-zone internal policy p_4 match application junos-h323
    user@host# set security policies from-zone external to-zone internal policy p_4 then permit
  6. If you are finished configuring the J-series device, commit the configuration.
[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

[an error occurred while processing this directive]