On 09/02/2014 05:34, Mark Tinka wrote:
On Sunday, February 09, 2014 01:30:20 AM Phil Mayers wrote:
So, what I'm asking is: how can I override an inet-vpn
next-hop at a route-reflector, when the next-hop is not
a real PE.
I'm guessing this is dedicated route reflector - not running
MPLS - and
Hi,
I am migrating Netscreen to SRX Firewall. I am facing issue to migrate
configuration of Global Policy.
In Netscreen we have few policies from (Specific Zone) to Global Zone.
set policy id 100 from Trust to Global x.x.x.x Any-IPv4 HTTP
permit log
set policy id 100
set service HTTPS
exit
I
On 09/02/2014 11:44, Phil Mayers wrote:
On 09/02/2014 05:34, Mark Tinka wrote:
On Sunday, February 09, 2014 01:30:20 AM Phil Mayers wrote:
So, what I'm asking is: how can I override an inet-vpn
next-hop at a route-reflector, when the next-hop is not
a real PE.
I'm guessing this is dedicated
That method should work. Keep in mind that policies applied by group are
applied after everything else.
If you have a deny in your normal policies (like trust to untrust) that the
traffic meets, it'll get dropped before it ever makes it to this policy.
I prefer to put my policies in each zone
If you’re using JunOS 11.4 or later on a branch SRX, there is global policy
support now.
http://kb.juniper.net/InfoCenter/index?page=contentid=KB28109
Regards,
Andrew Jones
From: Muhammad Atif Jauharmailto:atif.jau...@gmail.com
Sent: Sunday, February 9, 2014 11:23 PM
To:
5 matches
Mail list logo