Hello all,
I have a network zone that has no Internet access. I would like to allow only a few domains and block the rest using Juniper local web policy. I tried the configuration below, but I see that everything is allowed. What am I doing wrong? Please help me.
set security utm custom-objects url-pattern ZONE1-Whitelist1 value *.vmware.com
set security utm custom-objects url-pattern ZONE1-Whitelist1 value xml.shavlik.com
set security utm custom-objects custom-url-category ZONE1WhitelistCategory value ZONE1-Whitelist1
set security utm feature-profile web-filtering juniper-local profile ZONE1-ALLOW-SITE-profile default block
set security utm feature-profile web-filtering juniper-local profile ZONE1-ALLOW-SITE-profile category ZONE1WhitelistCategory action permit
set security utm feature-profile web-filtering juniper-local profile ZONE1-ALLOW-SITE-profile fallback-settings default block
set security utm feature-profile web-filtering juniper-local profile ZONE1-ALLOW-SITE-profile fallback-settings too-many-requests block
set security utm utm-policy ZONE1-UTM-Policy web-filtering http-profile ZONE1-ALLOW-SITE-profile
set security policies from-zone ZONE1 to-zone INTERNET policy ZONE1-LimitedInternet description "From:ZONE1:any To:INTERNET:only VMWare: any Policy:permit"
set security policies from-zone ZONE1 to-zone INTERNET policy ZONE1-LimitedInternet match source-address any
set security policies from-zone ZONE1 to-zone INTERNET policy ZONE1-LimitedInternet match destination-address any
set security policies from-zone ZONE1 to-zone INTERNET policy ZONE1-LimitedInternet match application [ junos-http junos-https ]
set security policies from-zone ZONE1 to-zone INTERNET policy ZONE1-LimitedInternet then permit application-services utm-policy ZONE1-UTM-Policy