[Contents] [Prev] [Next] [Index] [Report an Error]

Configuring Policies

Now that you have the VPN clients terminating in the vpn zone, configure a policy that allows traffic from the VPN zone to any destination zone. Make sure that the policy configuration is not any any, and is an IPsec configuration. For example, the following commands set a security policy for VPN match from zone A to zone B and source and destination address as any and application as any. If these conditions match, then permit traffic through the tunnel ipsec-vpn test.

user@host# set security policies from-zone A to-zone B policy VPN match source-address any
user@host# set security policies from-zone A to-zone B policy VPN match destination-address any
user@host# set security policies from-zone A to-zone B policy VPN match application any
user@host# set security policies from-zone A to-zone B policy VPN then permit tunnel ipsec-vpn test

To configure security policies with J-Web Quick Configuration:

  1. Select Configuration > Quick Configuration > Security Policies > Policies.
  2. Select the Default Policy Action, Deny All or Permit All.
  3. In the From Zone and To Zone boxes, select the zone direction. You must have preconfigured the security zones for which you want to set policies. For more information, see Configuring Security Zones—Quick Configuration.
[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.