Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Add a Zone

You are here: Security Policies & Objects > Zones/Screens.

To add a zone:

  1. Click the add icon (+) on the upper right side of the Zone List page.

    The Add Zone page appears.

  2. Complete the configuration according to the guidelines provided in Table 1.
  3. Click OK to save the changes. If you want to discard your changes, click Cancel.
Table 1: Fields on the Add Zone page

Field

Action

Main

Zone name

Enter a name for the zone.

Zone description

Enter a description for the zone.

Zone type

Select a zone type: Security or Functional.

Application Tracking

Select the check box to enable application tracking support for the zone.

Source Identity Log

Select the check box to enable it to trigger user identity logging when that zone is used as the source zone (from-zone) in a security policy.

Traffic Control Options

Enter the following details:

  • Send RST for Non Matching Session—Select the check box to enable this option.

    Specifies that when the reset feature is enabled, the system sends a TCP segment with the RESET flag set when traffic arrives. This does not match an existing session and does not have the Synchronize flag set.

  • Binding Screen—Select a binding screen from the list.

    Note:

    If you have already configured screens, the list shows the screen names and allows you to select or delete a screen.

Interfaces

Select interfaces from the Available column and move it to the Selected column using the arrow to include in the security zone.

Starting in Junos OS Release 19.4R1, J-Web supports Wi–Fi Mini-PIM for SRX320, SRX340, SRX345, and SRX550M devices. The physical interface for the Wi-Fi Mini-PIM uses the name wl-x/0/0, where x identifies the slot on the services gateway where the Mini-PIM is installed.

Host inbound traffic - Zone

Protocols

Specifies the protocols that permit inbound traffic of the selected type to be transmitted to hosts within the zone.

Select the protocols from the Available column and move it to the Selected column using the right arrow.

Select all to permit all protocols.

Note:

To deselect protocols, select the protocols in the Selected column and then use the left arrow to move them to the Available column.

Services

Specifies the interface services that permit inbound traffic of the selected type to be transmitted to hosts within the zone.

Select the services from the Available column and move it to the Selected column using the right arrow.

Select all to permit all services.

Note:

To deselect services, select the services in the Selected column and then use the left arrow to move them to the Available column.

Host inbound traffic - Interface

Selected Interfaces

Displays the list of selected interfaces.

Interface Services

Specifies the interfaced services that permit inbound traffic from the selected interface to be transmitted to hosts within the zone.

Select the interface services from the Available column and move it to the Selected column using the right arrow. Select all to permit all interface services.

Note:

If you select multiple interfaces, the existing interface services and protocols are cleared and are applied to the selected interfaces.

Interface Protocols

Specifies the interfaced protocols that permit inbound traffic from the selected interface to be transmitted to hosts within the zone.

Select the interface protocols from the Available column and move it to the Selected column using the right arrow. Select all to permit all interface protocols.