真实的国产乱ⅩXXX66竹夫人,五月香六月婷婷激情综合,亚洲日本VA一区二区三区,亚洲精品一区二区三区麻豆

成都創(chuàng)新互聯(lián)網站制作重慶分公司

JuniperSRX基本初始配置步驟(SecurityPolicy2)

1) 接口

成都創(chuàng)新互聯(lián)從2013年成立,是專業(yè)互聯(lián)網技術服務公司,擁有項目成都網站建設、網站制作網站策劃,項目實施與項目整合能力。我們以讓每一個夢想脫穎而出為使命,1280元華容做網站,已為上家服務,為華容各地企業(yè)和個人服務,聯(lián)系電話:18982081108

set interfaces ge-0/0/0.0 family inet address x.x.x.x/24

set interfaces ge-0/0/1.0 family inet address x.x.x.x/24

#show interfaces

#run show int terse

2) 安全區(qū)域(中把接口加入到各安全區(qū)域)

set security zones security-zone Outside/Inside 或 untrust/trust interface ge-0/0/0.0

#show security zones

3) 安全策略-zone間策略(由內到外流量-全部permit;由外到內流量-全部deny)

set security policies from-zone Inside to-zone Outside policy [Policy-Name]Default-Permit

    match source-address any

    match destination-address any

    match application any

    then permit

 

4) 安全區(qū)域的(各個安全區(qū)域的)addressbook 

//針對match source-address\destination-address any

set security zones security-zone Outside address-book address [Address-Name]  x.x.x.x/32

set security zones security-zone Inside address-book address [Address-Name]x.x.x.x/32

 

5) 配置應用applications   application 或 applications application-set  

//針對 match application any

set application  [Application-Name]    //show applications

 

set applications apolication [TCP-3032] protocol tcp destination-port 3032 

set applications application-set [APP-SET1] application TCP-3032

 

show security flow session ?

_______________________________________________________________________________ 

6) count

edit security poicies from-zone Inside to-zone Outside policy Default-Permit

    set match source-address Inside-Network

    set match destination-address SP-Routers

    set match application any

    set then permit

    set then count

    set then log session-init session-close

 

set system syslog file [Traffic-Log] any(facility) any(level嚴重級別)

set system syslog file [Traffice-log] match "RT_FLOW_SESSION"

 

>show security policies policy-name [Default-Permit] detail

 

>show system syslog

>show log [Traffice-Log]

 

7) monitor

#set system syslog file Monitor-Traffic-Log any any

#set system syslog file Monitor-Traffic-Log match "10.1.1.1"

#show system syslog

>monitor start Monitor-Traffic-Log

>monitor stop

 

8) security flow traceoptions //Juniper的debug

9) Policy Schedulers //時間訪問控制列表

10) Web-Authen

11) Pass-Through

 


本文標題:JuniperSRX基本初始配置步驟(SecurityPolicy2)
轉載注明:http://weahome.cn/article/jgcsdh.html

其他資訊

在線咨詢

微信咨詢

電話咨詢

028-86922220(工作日)

18980820575(7×24)

提交需求

返回頂部