Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Services Configuration Procedure

 

You follow these general steps to configure services:

  1. Define application objects by configuring statements at the [edit applications] hierarchy level.
  2. Define service rules by configuring statements at the [edit services (ids | ipsec-vpn | nat | stateful-firewall) rule] hierarchy level.
  3. Group the service rules by configuring the rule-set statement at the [edit services (ids | ipsec-vpn | nat | stateful-firewall)] hierarchy level.
  4. Group service rule sets under a service-set definition by configuring the service-set statement at the [edit services] hierarchy level.
  5. Apply the service set on an interface by including the service-set statement at the [edit interfaces interface-name unit logical-unit-number family inet service (input | output)] hierarchy level. Alternatively, you can configure logical interfaces as a next-hop destination by including the next-hop-service statement at the [edit services service-set service-set-name] hierarchy level.Note

    You can configure IDS, NAT, and stateful firewall service rules within the same service set. You must configure IPsec services in a separate service set, although you can apply both service sets to the same PIC.