SRX Next-Gen Firewalls

I know that Local Web Filtering doesn't require license, but I'm not familiar enough with it to tell if it can do the wildcard. ------------------------------ Nikolay Semov ------------------------------

In that case, I'm not sure what you mean ... The example I gave you is CLI, not SD. ------------------------------ Nikolay Semov ------------------------------

Hi Nikolay, Let's say i dont have web filtering license. Is there any alternative i can get the list of that "*"? Thanks

Hi Nikolay, Thanks for your feedback. But unfortunately not like that i want. I know we can make group policy using SD. But i just to know whether can possible do on CLI also. Thanks

The address-book is strictly for matching the IP addresses in the packet headers. A wildcard domain matching would require you to examine the packet payload. On the SRX you can do that with Web Filtering (https://www.juniper.net/documentation/us/en/software/junos/utm/topics/concept/utm-web-filtering-overview.html) ...

I don't know if this would do what you're looking for, but you could do something like this: groups { trust-to-untrust { security { policies { from-zone <*> to-zone <*> { policy policy1 { ...

Hi all, Referring to this url https://supportportal.juniper.net/s/article/SRX-DNS-address-book-entries-with-wildcard-is-not-accepted?language=en_US SRX still dont have this feature even it already 2024 like other firewall that support it such as Fortiget ...