SRX


Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Multiple UTM policy

    Posted 11 days ago

    I tried to configure multiple UTM policies, but neither of them worked correctly. The source address from VLAN 24 matches policy1, but it does not block traffic. However, the source address from another VLAN matches policy2 and works fine. Where did I go wrong?

    set security utm utm-policy utm-policy1 web-filtering profile BLOCKV24policy
    set security utm utm-policy utm-policy2 web-filtering profile BLOCKALLpolicy

    set security policies from-zone trust to-zone untrust policy BLOCK_WEB_V24 match source-address VLAN24
    set security policies from-zone trust to-zone untrust policy BLOCK_WEB_V24 match destination-address any
    set security policies from-zone trust to-zone untrust policy BLOCK_WEB_V24 match application any
    set security policies from-zone trust to-zone untrust policy BLOCK_WEB_V24 then permit application-services utm-policy utm-policy1

    set security policies from-zone trust to-zone untrust policy default-permit match source-address any
    set security policies from-zone trust to-zone untrust policy default-permit match destination-address any
    set security policies from-zone trust to-zone untrust policy default-permit match application any
    set security policies from-zone trust to-zone untrust policy default-permit then permit application-services utm-policy utm-policy2



    ------------------------------
    Ekachai Teerakaew
    ------------------------------


  • 2.  RE: Multiple UTM policy

    Posted 10 days ago

    You also have to show the BLOCK24policy and BLOCKALLpolicy web-filtering profiles.



    ------------------------------
    Nikolay Semov
    ------------------------------



  • 3.  RE: Multiple UTM policy

    Posted 8 days ago

    Thanks for the reply!

    web-filtering {
        http-reassemble;
        http-persist;
        juniper-enhanced {
            server {
                host rp.cloud.threatseeker.com;
                port 80;
            }
            profile BLOCKALLpolicy {
                category {
                    Enhanced_Adult_Content {
                        action block;
                    }
                    Enhanced_Violence {
                        action block;
                    }
                    Enhanced_Gambling {
                        action block;
                    }
                }
                default permit;
                custom-block-message "this page is not allow";
                fallback-settings {
                    default log-and-permit;
                    server-connectivity log-and-permit;
                    timeout log-and-permit;
                    too-many-requests log-and-permit;
                }
                timeout 119;
            }
            profile BLOCKV24policy {
                category {
                    Enhanced_Entertainment {
                        action block;
                    }
                    Enhanced_Adult_Content {
                        action block;
                    }
                    Enhanced_Social_Networking_and_Personal_Sites {
                        action block;
                    }
                }
                default permit;
                custom-block-message "ACCESS DENIED";
                fallback-settings {
                    default log-and-permit;
                    server-connectivity log-and-permit;
                    timeout log-and-permit;
                    too-many-requests log-and-permit;
                }
                timeout 119;
            }
        }
    }



    ------------------------------
    Ekachai Teerakaew
    ------------------------------



  • 4.  RE: Multiple UTM policy

    Posted 7 days ago

    Your policies are mostly permissive. If a website is allowed when it seems it should be blocked, you should check how the website is categorized in order to see if your policy is working ok or not.

    See this article on how to check a website category: https://supportportal.juniper.net/s/article/Link-to-check-category-for-Enhanced-Web-Filtering?language=en_US



    ------------------------------
    Nikolay Semov
    ------------------------------
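To make the reasoning in this thread concrete, here is an added example (written for this page, not Junos, Juniper or the poster's code) that models what the SRX does with the configuration from posts 1 and 3: it parses the posted `set security policies` lines into an ordered policy list, picks the first policy whose source address matches a flow, and then applies the matching web-filtering profile's category actions, `default permit` and the `server-connectivity log-and-permit` fallback. The address-book membership of `VLAN24` and the site categories used in the examples are constructed assumptions. It shows the point made in reply 4: a VLAN 24 host reaching a site that the Enhanced Web Filtering service categorises as, say, `Enhanced_Gambling` is permitted, because that category is not blocked in `BLOCKV24policy`, so the first thing to check is the site's category, not the policy order.

```python
"""Model of SRX security-policy lookup plus UTM web-filtering decision.

Added example for this thread; not Junos code. Policy lines and profile
category actions are copied from the posts; address membership and site
categories are constructed assumptions.
"""
import re
from dataclasses import dataclass, field
from typing import Optional

# Security-policy lines exactly as posted in the question (set format).
POLICY_CONFIG = """
set security policies from-zone trust to-zone untrust policy BLOCK_WEB_V24 match source-address VLAN24
set security policies from-zone trust to-zone untrust policy BLOCK_WEB_V24 match destination-address any
set security policies from-zone trust to-zone untrust policy BLOCK_WEB_V24 match application any
set security policies from-zone trust to-zone untrust policy BLOCK_WEB_V24 then permit application-services utm-policy utm-policy1
set security policies from-zone trust to-zone untrust policy default-permit match source-address any
set security policies from-zone trust to-zone untrust policy default-permit match destination-address any
set security policies from-zone trust to-zone untrust policy default-permit match application any
set security policies from-zone trust to-zone untrust policy default-permit then permit application-services utm-policy utm-policy2
"""

# utm-policy -> web-filtering profile, from the question.
UTM_POLICY_TO_PROFILE = {"utm-policy1": "BLOCKV24policy", "utm-policy2": "BLOCKALLpolicy"}

# Category actions from the profiles in reply 3; any other category hits "default permit".
PROFILES = {
    "BLOCKALLpolicy": {
        "Enhanced_Adult_Content": "block",
        "Enhanced_Violence": "block",
        "Enhanced_Gambling": "block",
    },
    "BLOCKV24policy": {
        "Enhanced_Entertainment": "block",
        "Enhanced_Adult_Content": "block",
        "Enhanced_Social_Networking_and_Personal_Sites": "block",
    },
}

# Constructed assumption: the address object VLAN24 covers 10.0.24.0/24; "any" covers everything.
ADDRESS_BOOK = {"VLAN24": ["10.0.24."], "any": [""]}


@dataclass
class Policy:
    name: str
    match: dict = field(default_factory=dict)
    utm_policy: Optional[str] = None


LINE_RE = re.compile(
    r"^set security policies from-zone (\S+) to-zone (\S+) policy (\S+) (match|then) (.*)$"
)


def parse_policies(text: str) -> list:
    """Parse set-format policy lines into an ordered list; Junos evaluates top-down, first match wins."""
    policies = {}  # dict keeps insertion order, i.e. the order the policies were configured
    for line in text.strip().splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        _from_zone, _to_zone, name, kind, rest = m.groups()
        pol = policies.setdefault(name, Policy(name))
        if kind == "match":
            key, val = rest.split(None, 1)
            pol.match[key] = val
        else:
            um = re.search(r"application-services utm-policy (\S+)", rest)
            if um:
                pol.utm_policy = um.group(1)
    return list(policies.values())


def address_matches(obj: str, ip: str) -> bool:
    return any(ip.startswith(prefix) for prefix in ADDRESS_BOOK.get(obj, []))


def lookup_policy(policies: list, src_ip: str) -> Optional[Policy]:
    """First policy whose source-address object contains the flow's source IP."""
    for pol in policies:
        if address_matches(pol.match.get("source-address", "any"), src_ip):
            return pol
    return None


def web_filter_decision(policies: list, src_ip: str, category: str, server_reachable: bool = True) -> tuple:
    """Return (policy name, profile name, action) for an HTTP flow to a site of the given category."""
    pol = lookup_policy(policies, src_ip)
    if pol is None or pol.utm_policy is None:
        return (pol.name if pol else None, None, "permit")
    profile = UTM_POLICY_TO_PROFILE[pol.utm_policy]
    if not server_reachable:
        # fallback-settings server-connectivity log-and-permit, as configured in both profiles
        return (pol.name, profile, "log-and-permit")
    action = PROFILES[profile].get(category, "permit")  # "default permit" for unlisted categories
    return (pol.name, profile, action)


if __name__ == "__main__":
    pols = parse_policies(POLICY_CONFIG)
    for ip, cat in [("10.0.24.5", "Enhanced_Gambling"), ("10.0.24.5", "Enhanced_Entertainment"),
                    ("10.0.30.7", "Enhanced_Gambling")]:
        print(ip, cat, "->", web_filter_decision(pols, ip, cat))
```

Running it shows the VLAN 24 host is permitted to a gambling site under `BLOCKV24policy` while a host from another VLAN is blocked under `BLOCKALLpolicy`, which is exactly the asymmetry described in the question; the category lookup link in reply 4 is how to confirm which category the real site falls into.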