[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

CLI Configuration

  1. Configure interfaces.
    user@host# set interfaces ge-0/0/0 unit 0 family inet address 10.1.1.1/24
    user@host# set interfaces ge-0/0/1 unit 0 family inet address 2.2.2.2/24
    user@host# set interfaces ge-0/0/2 unit 0 family inet address 1.1.1.1/24
  2. Configure zones.
    user@host# set security zones security-zone private interfaces ge-0/0/0.0
    user@host# set security zones security-zone public interfaces ge-0/0/2.0
    user@host# set security zones security-zone dmz interfaces ge-0/0/1.0
  3. Configure addresses.
    user@host# set security zones security-zone private address-book address phone1 10.1.1.3/32
    user@host# set security zones security-zone public address-book address phone2 1.1.1.4/32
    user@host# set security zones security-zone dmz address-book address proxy 2.2.2.4/32
  4. Configure static-NAT.
    user@host# set security nat interface ge-0/0/1.0 static-nat 2.2.2.3/32 host 10.1.1.3/32
  5. Configure policies.
    user@host# set security policies from-zone private to-zone dmz policy private-to-proxy match source-address phone1
    user@host# set security policies from-zone private to-zone dmz policy private-to-proxy match destination-address proxy
    user@host# set security policies from-zone private to-zone dmz policy private-to-proxy match application junos-sip
    user@host# set security policies from-zone private to-zone dmz policy private-to-proxy then permit source-nat interface
    user@host# set security policies from-zone public to-zone dmz policy public-to-proxy match source-address phone2
    user@host# set security policies from-zone public to-zone dmz policy public-to-proxy match destination-address proxy
    user@host# set security policies from-zone public to-zone dmz policy public-to-proxy match application junos-sip
    user@host# set security policies from-zone public to-zone dmz policy public-to-proxy then permit
    user@host# set security policies from-zone private to-zone public policy private-to-public match source-address phone1
    user@host# set security policies from-zone private to-zone public policy private-to-public match destination-address phone2
    user@host# set security policies from-zone private to-zone public policy private-to-public match application junos-sip
    user@host# set security policies from-zone private to-zone public policy private-to-public then permit source-nat interface
    user@host# set security policies from-zone dmz to-zone private policy proxy-to-private match source-address proxy
    user@host# set security policies from-zone dmz to-zone private policy proxy-to-private match destination-address static_nat_2.2.2.3_32
    user@host# set security policies from-zone dmz to-zone private policy proxy-to-private match application junos-sip
    user@host# set security policies from-zone dmz to-zone private policy proxy-to-private then permit
    user@host# set security policies from-zone dmz to-zone public policy proxy-to-public match source-address proxy
    user@host# set security policies from-zone dmz to-zone public policy proxy-to-public match destination-address phone2
    user@host# set security policies from-zone dmz to-zone public policy proxy-to-public match application junos-sip
    user@host# set security policies from-zone dmz to-zone public policy proxy-to-public then permit
[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

[an error occurred while processing this directive]