Juniper Netscreen Quick Reference

From Internetworkpro
This page is currently in progress and is not completed.
Please note that the information on this page is pending completion by the author.
This page or section provides device configuration instructions.
Please note that the information on this page has not been checked for accuracy and is not intended as a replacement for documentation. Please ensure you understand your desired objectives before attempting to apply any examples listed.

Zones

Concept

Usage

Policies

Creating a basic policy

Syntax

fw-> set pol from <Source Zone> to <Destination Zone> <Source host> <Destination host> <Service> <Action>

Example

The following command allows any host in the Trust zone to create HTTP sessions to any host in the Untrust zone.

fw-> set pol from Trust to Untrust Any Any HTTP Permit
policy id = 248

Adding a service to an existing policy

Syntax

fw-> set pol id <ID>
fw(policy:<ID>)-> set service <SERVICE>
fw(policy:<ID>)-> exit
fw-> 

Example

The following commands allow the FTP protocol in addition to the HTTP protocol that we already allowed in the previous policy.

fw-> set pol id 248
fw(policy:248)-> set service FTP
fw(policy:248)-> exit
fw-> 
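
The two steps above (create a policy, then add a service to it by ID) can be replayed offline to see what a policy ends up permitting. The following is an added example, not part of the original page or of any Juniper tooling: it rebuilds the effective rule table from a CLI transcript written in this page's command forms and lists permit rules whose source and destination are both Any. The transcript is constructed; the DMZ zone, the address entries, policy ID 249 and the function names are assumptions.

```python
import re
import shlex

# Constructed transcript in the page's own command forms (not captured from a device).
SAMPLE = """\
fw-> set pol from Trust to Untrust Any Any HTTP Permit
policy id = 248
fw-> set pol id 248
fw(policy:248)-> set service FTP
fw(policy:248)-> exit
fw-> set pol from Trust to DMZ 10.1.1.0/24 web1 HTTPS Permit
policy id = 249
"""

# "fw-> cmd" or "fw(policy:248)-> cmd"; group 1 is the policy context, if any.
PROMPT = re.compile(r"^\S+?(?:\(policy:(\d+)\))?->\s*(.*)$")

def parse_transcript(text):
    """Return {policy_id: rule dict} rebuilt from a CLI transcript."""
    policies, pending = {}, None
    for line in text.splitlines():
        m = PROMPT.match(line)
        if not m:
            # Device output line: binds the ID to the rule just created.
            got = re.match(r"policy id = (\d+)", line.strip())
            if got and pending:
                policies[int(got.group(1))] = pending
                pending = None
            continue
        ctx, words = m.group(1), shlex.split(m.group(2))  # shlex strips "quoted" names
        if ctx and len(words) == 3 and words[:2] == ["set", "service"] and int(ctx) in policies:
            policies[int(ctx)]["services"].append(words[2])
        elif len(words) == 10 and words[:3] == ["set", "pol", "from"] and words[4] == "to":
            pending = {"from": words[3], "to": words[5], "src": words[6],
                       "dst": words[7], "services": [words[8]], "action": words[9].lower()}
    return policies

def broad_permits(policies):
    """IDs of permit rules whose source and destination are both Any."""
    return sorted(pid for pid, p in policies.items()
                  if p["action"] == "permit"
                  and p["src"].lower() == "any" and p["dst"].lower() == "any")

if __name__ == "__main__":
    rules = parse_transcript(SAMPLE)
    for pid in broad_permits(rules):
        r = rules[pid]
        print(pid, r["from"], "->", r["to"], "Any/Any", ",".join(r["services"]))
```

Run against the sample, it reports policy 248 with both HTTP and FTP, which shows how services appended later widen an Any/Any rule without a new policy ID appearing.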

Listing policies from a zone to another

get pol from "zone_name" to "zone_name"

You can also filter the full policy list with the always-handy

get pol | inc "pattern"

so that you can match on the source or destination zone.

NAT

Services

Creating Services

Appending ports to existing services

Routing

Source routing

Virtual routers

Vlans

QoS

IPSec