Adding a new application or port to existing policy in SRX



  • Hello All,

    I need some help with SRX firewall.
    Currently, there is a security policy with some ports or applications being used in it.
    Another service (tcp-5210) needs to be added to it.
    I created a custom application named tcp-5210 and did a commit, which was successful.
    (I verified using the sh application application command.)

    I need to get the following clarified, as I am doing Juniper again after a long gap.

    How do I add this new port into the existing security policy without removing any other in-use applications or ports?
    I tried using insert application under the {edit security policy options}, but I fail to see my newly created tcp-5210
    as an option under the applications. I do see all the other existing ports in it.

    I would appreciate it if someone could please help me with this.

    [security policies]
    from-zone inside to-zone outside {
        policy apps {
            match {
                source-address any;
                destination-address host_public;
                application [ tcp_port_5000 tcp-2122 tcp-4244 tcp-65730 ];
            }
            then {
                permit;
            }
        }
    }

    For some reason, I wasn’t able to see tcp-5210 as an option when I was in edit mode to add it to the policy.
    I want to add the newly created tcp-5210 to this policy's applications without deleting any of the other existing ones.
    I appreciate all help. Thanks.


 
