...
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-address-books-sets.html#id-understanding-address-books
| create address-book |
|
|---|
|
| Code Block |
|---|
| [edit security address-book ServerBook]
root@vsrx1# show
address lubuntu1 10.0.2.3/32;
address lubuntu2 10.0.2.4/32;
address-set lubuntuAS {
address lubuntu1;
address lubuntu2;
}
attach {
zone trust;
}
[edit security address-book ServerBook]
root@vsrx1# show | display set
set security address-book ServerBook address lubuntu1 10.0.2.3/32
set security address-book ServerBook address lubuntu2 10.0.2.4/32
set security address-book ServerBook address-set lubuntuAS address lubuntu1
set security address-book ServerBook address-set lubuntuAS address lubuntu2
set security address-book ServerBook attach zone trust
|
|
| attached address-book to zone |
|
|---|
| set security address-book ServerBook attach zone trust |
| Apply to policy |
|
|---|
|
| Code Block |
|---|
| [edit]
root@vsrx1# show security policies from-zone untrust to-zone trust
policy Allow_all {
match {
source-address any;
destination-address lubuntuAS;
application any;
}
then {
permit;
log {
session-init;
session-close;
}
}
}
[edit]
root@vsrx1# show security policies from-zone untrust to-zone trust | display set
set security policies from-zone untrust to-zone trust policy Allow_all match source-address any
set security policies from-zone untrust to-zone trust policy Allow_all match destination-address lubuntuAS
set security policies from-zone untrust to-zone trust policy Allow_all match application any
set security policies from-zone untrust to-zone trust policy Allow_all then permit
set security policies from-zone untrust to-zone trust policy Allow_all then log session-init
set security policies from-zone untrust to-zone trust policy Allow_all then log session-close
|
|
|
|