SRX

Hi, On my SRX100 and using JWeb, I have a security policy for my dynamic vpn which has a lock under the Action column. Looking at the CLI, I don't know where to find what this means.

|show security policies| shows the policy, but doesn't show the state of the policy.

|show security policies detail| gives me this:

Policy: policy_in_wizard_dyn_vpn, action-type: permit, State: enabled, Index: 6, Scope Policy: 0
  Policy Type: Configured
  Sequence number: 1
  From zone: untrust, To zone: trust
  Source addresses:
    any-ipv4(global): 0.0.0.0/0
    any-ipv6(global): ::/0
  Destination addresses:
    any-ipv4: 0.0.0.0/0
    any-ipv6: ::/0
  Application: any
    IP protocol: 0, ALG: 0, Inactivity timeout: 0
      Source port range: [0-0]
      Destination port range: [0-0]
  Per policy TCP Options: SYN check: No, SEQ check: No
  Tunnel: wizard_dyn_vpn, Type: IPSec, Index: 2

Can someone please point out what the lock means (help doesn't say), and how to unlock it? I think that lock is affecting my vpn. Thanks

Hi,

This lock is just simple indicate that you are using ipsec vpn for this policy. It is normal when you apply the action is permit ipsec vpn in any kind of vpn and doesn't indicate problem.

Regards,

Mohamed Elhariry

JNCIE-M/T # 1059, CCNP & CCIP

----------------------------------------------------------------------------------------------------------------------------------------

If this post was helpful, please mark this post as an "Accepted Solution". Kudos are always appreciated!