Insert doesn't create it, it re-orders existing policies. IMHO it's confusingly named.
So you create the policy using set (which puts it at the end) then you use insert to re-order it in the position you want. On May 1, 2013 8:32 AM, "James S. Smith" <jsm...@windmobile.ca> wrote: > I have an SRX240 running 11.1R2.3, and occasionally I have to add new > policies. The obvious choice would seem to be use the insert command but > I’m getting some weird errors. For example, I have a number of policies > for the different protocols going between the IT staff and the untrust > zone. When trying to insert a new policy the SRX complains the policy does > not exist.**** > > ** ** > > jsmith@fw01# insert security policies from-zone it_staff to-zone untrust > policy it_staff-untrust-windows-rdp before policy it_staff-untrust-default > **** > > error: statement 'it_staff-untrust-windows-rdp' not found**** > > ** ** > > ** ** > > ** ** > > *James S. Smith *Network Architect**** > > *WIND Mobile *207 Queen's Quay West, Suite 710* *Toronto, ON M5J 1A7**** > > ** ** > > *Email: *jsm...@windmobile.ca** > > *Direct:* 416-640-9792**** > > ** ** > > *Fax: *416-987-1203 **** > > * * > > <http://www.windmobile.ca/> > <http://www.facebook.com/WINDmobile><http://www.twitter.com/WINDmobile> > **** > > <http://www.windmobile.ca/>**** > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp >
<<image002.png>>
<<image001.png>>
<<image003.png>>
<<image004.png>>
_______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
