Now we have a routing and NAT configuration we need to configure some basic policies to allow traffic out.
Before the policies are set we should define some policy address elements
root@host#set security zones security-zone Trust_Zone address-book address LAB_LAN_172.16.201.0/24 172.16.201.0/24
Now the policy element is defined we can create the policies
root@host# set security policies from-zone Trust_Zone to-zone Untrust_Zone policy Outbound_Permit match source-address LAB_LAN_172.16.201.0/24
root@host# set security policies from-zone Trust_Zone to-zone Untrust_Zone policy Outbound_Permit match destination-address any
root@host# set security policies from-zone Trust_Zone to-zone Untrust_Zone policy Outbound_Permit match application any
root@host# set security policies from-zone Trust_Zone to-zone Untrust_Zone policy Outbound_Permit then permit
No comments:
Post a Comment