[j-nsp] SRX240 Multicast

kwoody at citywest.ca kwoody at citywest.ca
Wed Aug 27 23:47:15 EDT 2014


> So you have also allowed inbound traffic with
>
> set security zones security-zone <zone_name> host-inbound-traffic
> protocols
> all
>
> ?  This is different than security policies (and perhaps I wasn't clear on
> that).

This is what I have:

I thought this was enough, maybe not.

show security
policies {
    default-policy {
        permit-all;
    }
}
zones {
    security-zone policies;
    security-zone trust {
        host-inbound-traffic {
            system-services {
                all;
            }
            protocols {
                all;
            }
        }
        interfaces {
            all;
        }
    }
}




More information about the juniper-nsp mailing list