From the course: Juniper Security Policies Fundamentals
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Verifying policy configuration
From the course: Juniper Security Policies Fundamentals
Verifying policy configuration
- [Narrator] In the previous movies, we configured two security policies. The first policy allowed ICMP traffic from the trust zone to the untrust zone. While the second policy allowed SSH traffic on a custom port from the trust zone to the DMZ zone. Let's verify if ICMP access is working fine. First, let's take a look at the policy configuration on the Junos device. I'm first going to enter the configuration mode and the command to view the policy is show securities policies from zone trust to zone untrust. And then I'll type the name of the policy which is allow ICMP trust untrust. Press enter. As you can see, the source address is set to any. The destination address is set to ping servers and the application is set to Junos ICMP. The action is set to permit. The configuration looks good. Let's verify it. I'm going to open up another tab on the terminal and ping 4.2.2.2. As you can see, ping requests are getting timed out. Let's take a look at the log. I'm first going to stop this…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
Policy components5m 15s
-
(Locked)
Example policy creation 16m 6s
-
(Locked)
Defining custom applications5m 31s
-
(Locked)
Example policy creation 22m 54s
-
(Locked)
Advanced permit settings2m 51s
-
(Locked)
Address books7m 54s
-
(Locked)
Global policies2m 46s
-
(Locked)
Verifying policy configuration4m 3s
-
-
-
-
-