Is there a way to make any traffic that is NOT destined for the internet, but for other hops inside our own network, be automatically allowed to other zones, or do I have to go in and make a security policy for each?
I've tried the default no match permit all, but I believe that doesn't work because there IS a match, and the implicit deny denies traffic.
For all traffic, irrespective of whether it is for the Internet or any other destination, the implicit action is deny. To allow any traffic between two different zones through the SRX, an explicit allow policy has to be configured. That is the purpose of it as a security device.
Hope this helps.
Thanks,
Pradeep

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
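An added example, not part of the original posts: one way to write the explicit permit once instead of per zone pair is a Junos global policy that matches internal destinations. The address names, the policy name `allow-internal`, and the RFC 1918 ranges standing in for "our own network" are assumptions; substitute the prefixes actually in use.

```junos
# Assumed internal ranges, defined in the global address book
# (global policies can only reference global address-book entries).
set security address-book global address net-10 10.0.0.0/8
set security address-book global address net-172 172.16.0.0/12
set security address-book global address net-192 192.168.0.0/16
set security address-book global address-set internal-nets address net-10
set security address-book global address-set internal-nets address net-172
set security address-book global address-set internal-nets address net-192

# One explicit permit for internal-to-internal traffic, regardless of zone pair.
set security policies global policy allow-internal match source-address internal-nets
set security policies global policy allow-internal match destination-address internal-nets
set security policies global policy allow-internal match application any
set security policies global policy allow-internal then permit
# Log permitted sessions so inter-zone flows remain auditable.
set security policies global policy allow-internal then log session-close

# Anything that matches no policy still falls through to the default deny.
set security policies default-policy deny-all
```

Global policies are evaluated after any from-zone/to-zone policies, so a more specific zone-pair deny still takes precedence over this permit.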
I figured as much.
Just wanted to make sure!