Security zones in SRX and EX



  • Just consider there are 2 ports in a router, both are in 2 different zones…
    We require security policies for the communication between ports in 2 different zones… Right?

    I had configured 2 ports in the same zone (trust), but communication was not happening…

    After creating a trust-to-trust policy, it started communicating…

    But zones are similar to VLANs… ports in the same zone are the same as ports in the same VLAN… it should work without any policies, right…

    Please explain why we need a ‘security policy’ for ports in the same security zone.

    Thanks and Regards,

    deenja



  • Hi,

    In ScreenOS there is no need to define an intrazone policy; any interfaces in the same zone are automatically routed.

    In JunOS it’s not the case. You have 2 solutions:

    • define a policy: zone trust to zone trust permit (that works at level 3).
    • define ethernet switching with your different ports (or VLANs); this will allow level 2 switching between the ports.

    Hope this helped.

    Stephane
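
The first option from the reply above, written out as Junos set commands. This is an added example, not part of the original posts; the interface names ge-0/0/1.0 and ge-0/0/2.0 and the policy name intrazone-permit are assumptions chosen for illustration.

```junos
# Both routed interfaces sit in the same security zone (interface names are assumed).
set security zones security-zone trust interfaces ge-0/0/1.0
set security zones security-zone trust interfaces ge-0/0/2.0

# Junos evaluates a policy lookup for every from-zone/to-zone pair, including
# trust -> trust, so an explicit intrazone policy is needed before routed
# traffic between the two ports is allowed.
set security policies from-zone trust to-zone trust policy intrazone-permit match source-address any
set security policies from-zone trust to-zone trust policy intrazone-permit match destination-address any
set security policies from-zone trust to-zone trust policy intrazone-permit match application any
set security policies from-zone trust to-zone trust policy intrazone-permit then permit

# Log permitted sessions so intrazone traffic stays visible for review.
set security policies from-zone trust to-zone trust policy intrazone-permit then log session-init

# Operational-mode checks after commit:
#   show security policies from-zone trust to-zone trust
#   show security flow session
```

The any/any match mirrors the blanket "trust to trust permit" in the reply; narrowing the source, destination and application terms limits what hosts in the same zone can reach on each other.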


 
