[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

from-zone

See the following sections:

from-zone (IDP Policy)

Syntax



from-zone            zone-name         ;

Hierarchy Level



[edit security idp idp-policy policy-name rulebase-exempt rule rule-name match],
[edit security idp idp-policy policy-name rulebase-ips rule rule-name match]

Release Information

Statement introduced in Release 9.2 of JUNOS software.

Description

Specify a source zone to be associated with the security policy. The default value is any.

This statement is supported on SRX-series devices.

Options

zone-name —Name of the source zone object.

Usage Guidelines

For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

from-zone (Security Policies)

Syntax



from-zone              zone-name            to-zone              zone-name            {


policy  
             policy-name              {


match {
application [                 application-name-or-set   
           ];


destination-address {
                 
                   address-name            
    ;
}




source-address {
                 
                   address-name            
    ; 
}


}


scheduler-name                scheduler-name             ;


then {


count {


alarm {
per-minute-threshold                      number;     
                              

per-second-threshold                      number      
            ;
}


}


(deny | reject);


permit {
application-services (wx-redirect
| wx-reverse-redirect);


destination-address {
drop-translated;
drop-untranslated;
}


destination-nat                    destination-name        
        ;


firewall-authentication
{


pass-through {
access-profile                        profile-name        
            ;
client-match                        match-name          
          ;
web-redirect;
}




web-authentication {
client-match                        user-or-group       
             ;
}


}


source-nat (pool                    pool-name               
  | pool-set                    pool-set-name                  | interface);


tunnel {
ipsec-vpn                      vpn-name              
    ;
pair-policy                      pair-policy           
       ;
}


}




log {
session-close;
session-init;
}


}


}


}

Hierarchy Level



[edit security policies]

Release Information

Statement introduced in Release 8.5 of JUNOS software.

Description

Specify a source zone and destination zone to be associated with the security policy.

This statement is supported on J-series and SRX-series devices.

Options

zone-name —Name of the source zone.
to-zone zone-name —Name of the destination zone.
The remaining statements are explained separately.

Usage Guidelines

For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]