Hi, I am migrating Netscreen to SRX Firewall. I am facing issue to migrate configuration of Global Policy.
In Netscreen we have few policies from (Specific Zone) to Global Zone. set policy id 100 from "Trust" to "Global" "x.x.x.x" "Any-IPv4" "HTTP" permit log set policy id 100 set service "HTTPS" exit I have configure same in SRX under GROUP hierarchy. groups { node0 { security { policies { from-zone Trust to-zone <*> { policy test { match { source-address x.x.x.x; destination-address any; application [junos-http junos-https]; } then { permit; } } } } } } node1 { security { policies { from-zone Trust to-zone <*> { policy test { match { source-address x.x.x.x; destination-address any; application [junos-http junos-https]; } then { permit; } } } } } } } apply-groups "${node}"; Similar I have few more policies from different specific zones to Global. My question is that will I migrated this part correctly or not. If this is not correct, kindly let me know correct way to configure similar to netscreen policy. Regards, Muhammad Atif Jauhar (+966-56-00-04-985) _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp