Example: Adding and Modifying Custom Policy Applications
This example shows how to add and modify custom policy applications.
Requirements
Before you begin, create addresses and security zones. See Example: Creating Security Zones.
Overview
In this example, you create a custom application using the following information:
- A name for the application, such as cust-telnet.
- A range of source port numbers: 1 through 65535.
- A range of destination port numbers to receive the application request, such as 1 through 65535.
- Whether the application uses TCP or UDP, or some other protocol as defined by the Internet specifications.
Configuration
Step-by-Step Procedure
The following example requires you to navigate through various levels in the configuration hierarchy. For instructions on how to do that, see Using the CLI Editor in Configuration Mode.
To add and modify a custom policy application:
1. Configure TCP and specify the source port and destination port.
   [edit applications application cust-telnet]
   user@host# set protocol tcp source-port 1-65535 destination-port 23000
2. Specify how long the application can be inactive before it times out.
   [edit applications application cust-telnet]
   user@host# set inactivity-timeout 30
3. Modify a custom policy application.
   [edit applications application cust-telnet]
   user@host# delete protocol tcp
   user@host# set application-protocol ftp
4. If you are done configuring the device, commit the configuration.
   [edit]
   user@host# commit
Verification
To verify the configuration is working properly, enter the show applications application command.
Note: The timeout value is in minutes. If you do not set it, the timeout value of a custom application is 180 minutes. If you do not want an application to time out, type never.
Related Topics
- Junos OS Feature Support Reference for SRX Series and J Series Devices
- Security Policies Overview
- Security Policy Applications Overview
- Understanding Custom Policy Applications
- Example: Defining a Custom ICMP Application
