vSRX

 View Only
last person joined: 5 days ago 

Ask questions and share experiences with vSRX Virtual Firewall deployments and how to scale firewall protection.
  • 1.  vSRX Global - Zone base address book

    Posted 09-14-2022 08:43
    Hello, Forum members,

    I am pretty new to Juniper world and now trying to grasp the technology and the software side. So apologies in forehand for the simple questions.
    I am trying to understand when and how to use the Global address groups.

    if I create a zone-attached address and then create a global address,
    I guess I am not allowed to use both of them under the same policy.

    Example

    Zone trust address =  local-address 1.1.10/24
    Global address = DMZ 10.1.1.0/24

    from-zone TRUST to-zone UNTRUST <-----------under the same policy
    policy WEB-ACCESS {
    match {
    source-address local-address; <--------------------Is this allowed
    destination-add any

    from-zone TRUST to-zone UNTRUST
    policy DMZ {
    source-address local-address;
    destination-address DMZ <--------------------Is this allowed

    I have omitted a lot, just want to understand Global vs Zone base

    thanks in advance


    ------------------------------
    LANCELLOT WENDEL
    ------------------------------


  • 2.  RE: vSRX Global - Zone base address book

    Posted 09-15-2022 02:16
    Hi,
    Check following link, it's explain well how is work.
    https://rtodto.net/address-books-explained/

    //Kalle

    ------------------------------
    Kalle Andersson
    ------------------------------



  • 3.  RE: vSRX Global - Zone base address book

    Posted 09-15-2022 17:24

    Hello Kalle,

    Thank you very much for the information, It really shows what I was looking for.

    With Kind regards,

    Lance


    Lance Wendel
    Technical Services Project Engineer
    United Kingdom
    NTT United Kingdom Limited

    M: 
    +44 7880 488104
    E: 
    lance.wendel@global.ntt
    NTT United Kingdom Limited
     is a subsidiary of NTT Ltd.
    https://services.global.ntt/https://twitter.com/GlobalNTThttps://www.linkedin.com/company/global-ntt/https://www.facebook.com/GlobalNTThttps://www.instagram.com/globalntt/https://www.youtube.com/channel/UCoXa9yrN39N2a916TkVNlXw?
    https://services.global.ntt/en-us/events/intterconnected-summit-simplifying-cloud-eu?utm_source=EmailSignature&utm_medium=Owned&utm_campaign=NTTGL_MCIS&utm_content=MCaasSummitEU&campaignID=7018d000000kwFMAAY
    NTT United Kingdom Limited with registration number 1505004 having its registered office and its place of business at Ntt House, 2 Waterfront Business Park, Fleet, Hampshire, GU513QT.

    This email and all contents are subject to the following disclaimer:
    https://services.global.ntt/en-us/email-disclaimer