pre-id-default-policy
Syntax
pre-id-default-policy { then { log { session-init; session-close; } session-timeout { icmp seconds; icmp6 seconds; ospf seconds; others seconds; tcp seconds; udp seconds; } } }
Hierarchy Level
[edit security policies]
Description
During the initial policy lookup phase, which occurs prior to a dynamic application being identified, if there are multiple policies present in the potential policy list, the SRX Series device applies the default security policy until a more explicit match has occurred. Configures default policy actions that occur prior to dynamic application identification (AppID).
Configuring session-init
logging for the pre-id-default-policy
can generate a large amount of logs.
Each session that enters the SRX that initially matches the pre-id-default-policy
will generate an event. We recommend only using this option for
troubleshooting purposes.
Options
then | Specifies the policy action that has to be taken when the packet matches the criteria. |
log | Specifies the log details at session close time and session initialization time.
|
session-timeout | When you update a session, the session timeout is configured, which specifies the session timeout details in seconds.
|
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 18.2R1.