policies

Syntax

policies {default-policy {(deny-all | permit-all);}from-zone zone-name to-zone zone-name {policy policy-name {match {application [ application-name-or-set ];destination-address { address-name ;}source-address { address-name ; }}scheduler-name scheduler-name ;then {count {alarm {per-minute-threshold number; per-second-threshold number ;}}(deny | reject);permit {application-services (redirect-wx | reverse-redirect-wx);destination-address {drop-translated;drop-untranslated;}firewall-authentication {pass-through {access-profile profile-name ;client-match match-name ;web-redirect;}web-authentication {client-match user-or-group ;}}tunnel {ipsec-group-vpn group-vpn;ipsec-vpn vpn-name ;pair-policy pair-policy ;}}log {session-close;session-init;}}}}policy-rematch;traceoptions {file filename <files number > <size maximum-file-size > <world-readable | no-world-readable>;flag flag ;}}

Hierarchy Level

[edit security]

Release Information

Statement introduced in Release 8.5 of Junos OS.

Description

Configure network security policies.

Usage Guidelines

For configuration instructions and examples, see the Junos OS Security Configuration Guide.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.