Wizards

In a JUNOS Enhanced Services stateful firewall, the security policies enforce rules for the transit traffic, in terms of what traffic can pass through the firewall, and the actions that need to take place on the traffic as it passes through the firewall.

This section contains the following topics:

Firewall Wizard

In a Junos OS stateful firewall, the security policies enforce rules for the transit traffic, in terms of what traffic can pass through the firewall, and the actions that need to take place on the traffic as it passes through the firewall. From the perspective of security policies, the traffic enters one security zone and exits another security zone. This combination of a from-zone and to-zone is called a context. Each context contains an ordered list of policies.

By default, a device denies all traffic in all directions. Through the creation of policies, you can control the traffic flow from zone to zone by defining the kinds of traffic permitted to pass from specified sources to specified destinations at scheduled times.

This wizard leads you through the basic required steps to configure firewall policies for SRX Series security devices. To configure a policy with a complete set of options, use either the J-Web interface or the command-line interface (CLI).

As you use this wizard, refer to the upper left area of the page to see where you are in the configuration process. Refer to the lower left area of the page for help related to the current page and its contents.

When you click a link under the Resources heading in the lower left area, the document opens in your browser. If it is in a new tab, be sure to close only the tab (not the browser window) when you close the document.

VPN Wizard

A virtual private network (VPN) provides a means for secure communication among remote computers across a public WAN, such as the Internet.

This wizard leads you through the basic required steps to configure basic settings for a router-based VPN. To configure a VPN with a complete set of options, use either the J-Web interface or the command-line interface (CLI).

As you use this wizard, refer to the upper left area of the page to see where you are in the configuration process. Refer to the lower left area of the page for help related to the current page and its contents.

When you click a link under the Resources heading in the lower left area, the document opens in your browser. If it is in a new tab, be sure to close only the tab (not the browser window) when you close the document.

NAT Wizard

Network Address Translation (NAT) is a method for modifying or translating network address information in packet headers. Either one or both of the source and destination addresses in a packet may be translated. NAT can also include the translation of port numbers.

The NAT type determines the order in which NAT rules are processed. During first-packet processing for a flow, NAT rules are applied, together with the route and security policy lookups, in the following order:

  1. Static NAT rules
  2. Destination NAT rules
  3. Route lookup
  4. Security policy lookup
  5. Reverse mapping of static NAT rules
  6. Source NAT rules
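
The ordering above has a practical consequence for policy writing: the security policy lookup sees the destination address after static or destination NAT and the source address before source NAT. The following Python sketch is an added illustration, not Junos code or output; it models the six steps and the default-deny, first-match policy lookup per from-zone/to-zone context, and every zone name, address and rule in it is a constructed sample value.

```python
# Toy model of first-packet processing order (added example, not Junos code).
# Zones, addresses and rules are constructed sample values.
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    in_zone: str

STATIC_NAT = {"203.0.113.10": "10.1.1.10"}            # public -> private
DEST_NAT = {"203.0.113.20": "10.1.1.20"}              # public -> private
ROUTES = {"10.1.1.": "dmz", "10.2.2.": "trust"}       # dst prefix -> egress zone
SOURCE_NAT = {("trust", "untrust"): "203.0.113.1"}    # context -> new source
# Ordered (source, destination, action) policies per from-zone/to-zone context.
POLICIES = {
    ("untrust", "dmz"): [("any", "10.1.1.20", "permit")],
    ("trust", "untrust"): [("10.2.2.66", "any", "deny"), ("any", "any", "permit")],
}

def first_packet(pkt):
    """Return (translated packet or None if denied, trace of steps taken)."""
    trace = []
    # Steps 1-2: static NAT is consulted before destination NAT.
    if pkt.dst in STATIC_NAT:
        pkt = replace(pkt, dst=STATIC_NAT[pkt.dst])
        trace.append("static-nat")
    elif pkt.dst in DEST_NAT:
        pkt = replace(pkt, dst=DEST_NAT[pkt.dst])
        trace.append("destination-nat")
    # Step 3: route lookup on the already-translated destination.
    out_zone = next((z for p, z in ROUTES.items() if pkt.dst.startswith(p)), "untrust")
    # Step 4: first match in the context's ordered list; no match means deny.
    action = "deny"
    for src, dst, act in POLICIES.get((pkt.in_zone, out_zone), []):
        if src in ("any", pkt.src) and dst in ("any", pkt.dst):
            action = act
            break
    trace.append(f"policy {pkt.in_zone}->{out_zone}: {action}")
    if action != "permit":
        return None, trace
    # Steps 5-6: reverse static NAT is consulted before source NAT.
    reverse_static = {private: public for public, private in STATIC_NAT.items()}
    if pkt.src in reverse_static:
        pkt = replace(pkt, src=reverse_static[pkt.src])
        trace.append("static-nat-reverse")
    elif (pkt.in_zone, out_zone) in SOURCE_NAT:
        pkt = replace(pkt, src=SOURCE_NAT[(pkt.in_zone, out_zone)])
        trace.append("source-nat")
    return pkt, trace
```

In this model, the deny rule for 10.2.2.66 works only because it names the original source address, and the untrust-to-dmz permit works only because it names the translated destination 10.1.1.20 rather than the public address.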

This wizard leads you through the basic required steps to configure NAT for the SRX Series security device. To configure more detailed settings, use either the J-Web interface or the command-line interface (CLI).

As you use this wizard, refer to the upper left area of the page to see where you are in the configuration process. Refer to the lower left area of the page for help related to the current page and its contents.

When you click a link under the Resources heading in the lower left area, the document opens in your browser. If it is in a new tab, be sure to close only the tab (not the browser window) when you close the document.