[j-nsp] Configuring policies on SRX Cluster
Shombra Shombra
shombra at shombra.com.br
Thu Aug 9 10:40:05 EDT 2012
Hello, First sorry for my english. I have many clients, one client and services per VLAN. On SRX I try to configure 7 clients and 3 services and 1 WAN, who some client and service has one VLAN and one ZONE. eg: Clients: Client 1 - VLAN 10 - Zone v10-Client-1 Client 2 - VLAN 20 - Zone v20-Client-2 Client 3 - VLAN 30 - Zone v30-Client-3 .... Client 6 - VLAN 60 - Zone v60-Client-6 Client 7 - VLAN 70 - Zone v70-Client-7 and Services: E-mail - VLAN 100 zone v100-EMAIL DNS - VLAN 200 - zone v200-DNS WEB - VLAN 300 - zone v300-WEB and WAN - reth1.0 - zone WAN if some client need access my e-mail i have to create a policy from v10-Client-1 to v100-EMAIL , if Client-2 need share the e-mail port to the word, I need open 25 for WAN, but if Client-3 have to send a e-mail for Client-2 i need create a policy from zone v30-Client-3 to zone v20-Client-2. if I have 1000 clients, this policies had became a mess.
Someone has a solution for my policies to do not get messy? Best regards Carlos A. Bernardi F.
More information about the juniper-nsp
mailing list