[j-nsp] Inserting security policies on SRX

Aaron Dewell aaron.dewell at gmail.com
Wed May 1 10:54:46 EDT 2013 

Insert doesn't create it, it re-orders existing policies. IMHO it's
confusingly named.

So you create the policy using set (which puts it at the end) then you use
insert to re-order it in the position you want.
On May 1, 2013 8:32 AM, "James S. Smith" <JSmith at windmobile.ca> wrote:

> I have an SRX240 running 11.1R2.3, and occasionally I have to add new
> policies.  The obvious choice would seem to be use the insert command but
> I’m getting some weird errors.  For example, I have a number of policies
> for the different protocols going between the IT staff and the untrust
> zone.  When trying to insert a new policy the SRX complains the policy does
> not exist.****
>
> ** **
>
> jsmith at fw01# insert security policies from-zone it_staff to-zone untrust
> policy it_staff-untrust-windows-rdp before policy it_staff-untrust-default
> ****
>
> error: statement 'it_staff-untrust-windows-rdp' not found****
>
> ** **
>
> ** **
>
> ** **
>
> *James S. Smith *Network Architect****
>
> *WIND Mobile *207 Queen's Quay West, Suite 710* *Toronto, ON M5J 1A7****
>
> ** **
>
> *Email: *JSmith at WindMobile.ca**
>
> *Direct:* 416-640-9792****
>
> ** **
>
> *Fax: *416-987-1203  ****
>
> * *
>
> <http://www.windmobile.ca/> <http://www.facebook.com/WINDmobile><http://www.twitter.com/WINDmobile>
> ****
>
> <http://www.windmobile.ca/>****
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20130501/672eba1f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 1902 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20130501/672eba1f/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 2670 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20130501/672eba1f/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 2199 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20130501/672eba1f/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 2828 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20130501/672eba1f/attachment-0007.png>

More information about the juniper-nsp mailing list