Configuring Security Policies for Transparent Mode

In transparent mode, security policies can be configured only between Layer 2 zones.

This example configures a security policy to allow HTTP traffic from the 10.1.1.1/24 subnetwork in the l2–zone1 security zone to the server at 20.1.1.1/32 in l2–zone2.

You can use either J-Web or the CLI configuration editor to configure Layer 2 security zones.

This topic covers:

• J-Web Configuration
• CLI Configuration
• Related Topics

J-Web Configuration

To configure Layer 2 security policies:

1. Select Configuration>View and Edit>Edit Configuration.

   The Configuration page appears.

2. Next to Policy, select the check box, and then click Configure.
3. Next to Policy, click Add new entry.
4. In the From zone name box, type l2–zone1.
5. In the To zone name box, type l2–zone2.
6. Next to Policy, click Add new entry.
7. In the Policy name box, type p1.
8. Select the Match check box, then click Configure.
9. From the Source address choice list, select Source address.
10. Next to Source address, click Add new entry.
11. From the Value keyword list, select Enter specific value.
12. In the Address box, type 10.1.1.1/24, and then click OK.
13. From the Destination address choice list, select Destination address.
14. Next to Destination address, click Add new entry.
15. In the Value keyword list, select Enter specific value.
16. In the Address box, type 20.1.1.1/32 , and then click OK.
17. To match the policy to an application set name, from the Application choice list, select Application.
18. Next to Application, click Add new entry.
19. To specify the application set name to match the policy, in the Value keyword list box type http, and then click OK.
20. Select the Then check box, and then click Configure.
21. From the Action list, select Permit, and then click OK.

CLI Configuration

To configure Layer 2 security policies:

Related Topics

• Changing the Default Forwarding Behavior