Security policy allows two-way traffic for the direction of the first speaker in the network conversation.
When the initial request is seen it is evaluated, and an entry for the return traffic is also created in the flow table to allow the replies.
The key is setting up the policy in the correct direction on where the first traffic is sent from.
Should you have issues with traffic matching, check out this troubleshooting process.
https://supportportal.juniper.net/s/article/SRX-How-to-troubleshoot-a-security-policy-that-is-not-passing-data
------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
http://puluka.com/home
------------------------------
Original Message:
Sent: 12-21-2022 03:36
From: Wilson Cheng
Subject: Do I always need to create two-way security policies in order to communicate?
Do I always need to create two security policies in order to communicate from two zones? I read some articles saying that for flow-based, it is not necessary.
------------------------------
Wilson Cheng
------------------------------
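
A simplified model of the flow-table behaviour described in the reply, added here as an illustration; it is not part of the original thread and not Juniper's implementation. The class, zone names, ports and addresses are constructed for the example, and real sessions also track timeouts, TCP state and NAT.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src_zone: str
    dst_zone: str
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

class StatefulFirewall:
    """Toy model: policy is checked only for the first packet of a flow."""

    def __init__(self, policies):
        # Each policy is (from_zone, to_zone, destination_port), one direction only.
        self.policies = set(policies)
        self.flows = set()  # installed flow entries, keyed by 5-tuple

    @staticmethod
    def _key(p):
        return (p.proto, p.src, p.sport, p.dst, p.dport)

    @staticmethod
    def _reverse_key(p):
        return (p.proto, p.dst, p.dport, p.src, p.sport)

    def process(self, p):
        # Fast path: packet belongs to a flow that was already permitted.
        if self._key(p) in self.flows:
            return "permit (existing flow)"
        # First packet: evaluate policy in the direction of the first speaker.
        if (p.src_zone, p.dst_zone, p.dport) in self.policies:
            self.flows.add(self._key(p))
            self.flows.add(self._reverse_key(p))  # entry for the replies
            return "permit (policy match, flow created)"
        return "deny (no policy)"

def demo():
    # Constructed sample: a single trust -> untrust policy for HTTPS.
    fw = StatefulFirewall({("trust", "untrust", 443)})
    request = Packet("trust", "untrust", "10.0.0.5", 51000, "203.0.113.10", 443)
    reply = Packet("untrust", "trust", "203.0.113.10", 443, "10.0.0.5", 51000)
    unsolicited = Packet("untrust", "trust", "203.0.113.10", 40000, "10.0.0.5", 22)
    return [fw.process(request), fw.process(reply), fw.process(unsolicited)]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The reply is permitted without any untrust-to-trust policy, while a new connection started from the untrust side is still denied.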