[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

CLI Configuration

  1. Configure interfaces.
    user@host# set interfaces ge-0/0/0 unit 0 family inet address 10.1.1.1/24
    user@host# set interfaces fe-1/0/0 unit 0 family inet address 1.1.1.1/24
    user@host# set security zones security-zone zone1 interfaces ge-0/0/0.0
    user@host# set security zones security-zone zone2 interfaces fe-1/0/0.0
  2. Configure zones.
    user@host# set security zones security-zone zone1 interfaces ge-0/0/0.0
    user@host# set security zones security-zone zone1 address-book address IP_Phone1 10.1.1.5/32
    user@host# set security zones security-zone zone1 address-book address gatekeeper 10.1.1.25/32
    user@host# set security zones security-zone zone2 interfaces fe-1/0/0.0
    user@host# set security zones security-zone zone2 address-book address IP_Phone2 2.2.2.5/32
    user@host# set security zones Global
  3. Configure interface NAT.
    user@host# set security nat interface fe-1/0/0.0 static-nat 1.1.1.5/32 host 10.1.1.5/32
    user@host# set security nat interface fe-1/0/0.0 static-nat 1.1.1.25/32 host 10.1.1.25/32
  4. Configure policies.
    user@host# set security policy from-zone zone1 to-zone zone2 policy zone1_to_zone2 match source-address IP_Phone1
    user@host# set security policy from-zone zone1 to-zone zone2 policy zone1_to_zone2 match source-address gatekeeper
    user@host# set security policy from-zone zone1 to-zone zone2 policy zone1_to_zone2 match destination-address IP_Phone2
    user@host# set security policy from-zone zone1 to-zone zone2 policy zone1_to_zone2 match application junos-h323
    user@host# set security policy from-zone zone1 to-zone zone2 policy zone1_to_zone2 then permit
    user@host# set security policy from-zone zone2 to-zone Global policy zone2_to_Global match source-address IP_Phone2
    user@host# set security policy from-zone zone2 to-zone Global policy zone2_to_Global match destination-address static_nat_1.1.1.5_32
    user@host# set security policy from-zone zone2 to-zone Global policy zone2_to_Global match destination-address static_nat_1.1.1.25_32
    user@host# set security policy from-zone zone2 to-zone Global policy zone2_to_Global match application junos-h323
    user@host# set security policy from-zone zone2 to-zone Global policy zone2_to_Global then permit
[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

[an error occurred while processing this directive]