Hello, Forum members,
I am pretty new to Juniper world and now trying to grasp the technology and the software side. So apologies in forehand for the simple questions.
I am trying to understand when and how to use the Global address groups.
if I create a zone-attached address and then create a global address,
I guess I am not allowed to use both of them under the same policy.
Example
Zone trust address = local-address 1.1.10/24
Global address = DMZ 10.1.1.0/24
from-zone TRUST to-zone UNTRUST <-----------under the same policy
policy WEB-ACCESS {
match {
source-address local-address; <--------------------Is this allowed
destination-add any
from-zone TRUST to-zone UNTRUST
policy DMZ {
source-address local-address;
destination-address DMZ <--------------------Is this allowed
I have omitted a lot, just want to understand Global vs Zone base
thanks in advance
------------------------------
LANCELLOT WENDEL
------------------------------