workbook:jno-332:332_zones
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| workbook:jno-332:332_zones [2017/05/19 15:47] – k | workbook:jno-332:332_zones [2021/08/12 08:35] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ===== 332 Security Zones ===== | + | ===== JN0-332: Security Zones ===== |
| ** Необходимые знания: | ** Необходимые знания: | ||
| * Identify concepts, benefits and operation of zones | * Identify concepts, benefits and operation of zones | ||
| Line 82: | Line 82: | ||
| | Pipe through a command | | Pipe through a command | ||
| </ | </ | ||
| - | * **junos-host** - специальная зона которая позволяет политиками безопасности регулировать входящий и исходящий трафик самого srx. В эту зону не надо определять интерфейсы. Название поменять нельзя. \\ Контекст определяется так же как и с обычными зонами безопасности, | + | * **junos-host** - специальная зона которая позволяет политиками безопасности регулировать входящий и исходящий трафик самого srx. В эту зону не надо определять интерфейсы. Название поменять нельзя. \\ Контекст |
| [edit security policies] | [edit security policies] | ||
| admin@nsk-01-srx2# | admin@nsk-01-srx2# | ||
| Line 109: | Line 109: | ||
| > policy | > policy | ||
| </ | </ | ||
| - | ===== Полезные | + | |
| + | Посмотреть зоны и интерфейсы: | ||
| + | < | ||
| + | [edit] | ||
| + | admin@nsk-01-srx2# | ||
| + | |||
| + | Security zone: ATM | ||
| + | Send reset for non-SYN session TCP packets: Off | ||
| + | Policy configurable: | ||
| + | Interfaces bound: 3 | ||
| + | Interfaces: | ||
| + | vlan.505 | ||
| + | vlan.506 | ||
| + | vlan.507 | ||
| + | |||
| + | Security zone: INTERNAL | ||
| + | Send reset for non-SYN session TCP packets: Off | ||
| + | Policy configurable: | ||
| + | Interfaces bound: 1 | ||
| + | Interfaces: | ||
| + | fe-0/ | ||
| + | |||
| + | Security zone: MGMT | ||
| + | Send reset for non-SYN session TCP packets: Off | ||
| + | Policy configurable: | ||
| + | Interfaces bound: 2 | ||
| + | Interfaces: | ||
| + | lo0.0 | ||
| + | vlan.508 | ||
| + | |||
| + | Security zone: PAYSYS | ||
| + | Send reset for non-SYN session TCP packets: Off | ||
| + | Policy configurable: | ||
| + | Interfaces bound: 2 | ||
| + | Interfaces: | ||
| + | gr-0/ | ||
| + | vlan.504 | ||
| + | |||
| + | Security zone: TRUST | ||
| + | Send reset for non-SYN session TCP packets: Off | ||
| + | Policy configurable: | ||
| + | Interfaces bound: 5 | ||
| + | Interfaces: | ||
| + | vlan.501 | ||
| + | vlan.502 | ||
| + | vlan.503 | ||
| + | vlan.509 | ||
| + | vlan.516 | ||
| + | |||
| + | Security zone: UNTRUST | ||
| + | Send reset for non-SYN session TCP packets: Off | ||
| + | Policy configurable: | ||
| + | Screen: untrust-screen | ||
| + | Interfaces bound: 2 | ||
| + | Interfaces: | ||
| + | fe-0/ | ||
| + | fe-0/ | ||
| + | |||
| + | Security zone: VPN | ||
| + | Send reset for non-SYN session TCP packets: Off | ||
| + | Policy configurable: | ||
| + | Interfaces bound: 5 | ||
| + | Interfaces: | ||
| + | st0.1 | ||
| + | st0.701 | ||
| + | st0.85 | ||
| + | st0.885 | ||
| + | st0.901 | ||
| + | |||
| + | Security zone: junos-host | ||
| + | Send reset for non-SYN session TCP packets: Off | ||
| + | Policy configurable: | ||
| + | Interfaces bound: 0 | ||
| + | Interfaces: | ||
| + | </ | ||
| + | |||
| + | ---- | ||
| + | {{tag> | ||
workbook/jno-332/332_zones.1495198066.txt.gz · Last modified: (external edit)