Example: Reordering the Policies

This example shows show how to move policies around after they have been created.

• Requirements
• Overview
• Configuration
• Verification

Requirements

Before you begin:

• Create zones. See Example: Creating Security Zones.
• Configure the address book and create addresses for use in the policy. See Example: Configuring Address Books.

Overview

To reorder policies to correct shadowing, you can simply reverse the order of the policies, putting the more specific one first.

Configuration

Step-by-Step Procedure

To reorder existing policies:

1. Reorder two existing policies by entering the following command:
   [edit]user@host# insert security policies from-zone trust to-zone untrust policy permit-mail before policy permit-all
2. If you are done configuring the device, commit the configuration.
   [edit]user@host# commit

Verification

To verify the configuration is working properly, enter the show security policies command.

Related Topics

• Junos OS Feature Support Reference for SRX Series and J Series Devices
• Security Policies Overview
• Understanding Security Policy Ordering