Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All
zones
Syntax
zones {functional-zone {management {description text;host-inbound-traffic {protocols protocol-name { except;}system-services service-name { except;}}interfaces interface-name {host-inbound-traffic {protocols protocol-name { except;}system-services service-name { except;}}}screen screen-name;}}security-zone zone-name {address-book {address address-name {ip-prefix {description text;}description text;dns-name domain-name {ipv4-only;ipv6-only;}range-address lower-limit to upper-limit;wildcard-address ipv4-address/wildcard-mask;}address-set address-set-name {address address-name;address-set address-set-name;description text;}}application-tracking;description text;host-inbound-traffic {protocols protocol-name { except;}system-services service-name { except;}}interfaces interface-name {host-inbound-traffic {protocols protocol-name { except;}system-services service-name { except;}}}screen screen-name;tcp-rst;}}
Hierarchy Level
[edit security]
Release Information
Statement introduced in Junos OS Release 8.5. Support for wildcard addresses added in Junos OS Release 11.1. The description option added in Junos OS Release 12.1.
Description
A zone is a collection of interfaces for security purposes. All interfaces in a zone are equivalent from a security point of view. Configure the following zones:
- Functional zone—Special-purpose zone, such as a management zone that can host dedicated management interfaces.
- Security zone—Most common type of zone that is used as a building block in policies.
Options
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
