CertExams.com Simulator Lab Exercises Answers

Configuring Security Policies

Description: This lab exercise explains how to configure security policies for tunnel traffic.

A security policy permits traffic in one direction but also allows all reply traffic without the need for a reverse-direction policy. However, since traffic may be initiated from either direction, bidirectional policies are required. Note that the policies are regular non-tunnel policies; thus the policies do NOT specify the IPSec profile.

Command Syntax:

[edit security policies]
from-zone <source-zone-name> to-zone <destination-zone-name> {
    policy <policy-name> {
        match {
        }
        then {
            permit {
                tunnel {
                    /* Reference to the IPsec VPN tunnel */
                    ipsec-vpn <ipsec-tunnel-name>;
                }
            }
        }
    }
}

Network Diagram:

[Image: lab network diagram]


1. Create the security policy to permit traffic from the trust zone to the untrust zone.

2. Create the security policy to permit traffic from the untrust zone to the trust zone.
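The two steps above as one set of configuration-mode commands, following the tunnel form shown under Command Syntax. This is an added example, not taken from the CertExams lab: the policy names, the address-book entries and their subnets, and the VPN name lab-vpn are constructed placeholders, and lab-vpn is assumed to be already defined under [edit security ipsec vpn].

```junos
# Constructed address-book entries for the protected subnets on each side.
set security address-book global address local-net 10.1.1.0/24
set security address-book global address remote-net 10.2.2.0/24

# Step 1: trust -> untrust. Match only the protected subnets rather than
# "any", so the policy cannot send unrelated traffic into the tunnel.
set security policies from-zone trust to-zone untrust policy vpn-tr-untr match source-address local-net
set security policies from-zone trust to-zone untrust policy vpn-tr-untr match destination-address remote-net
set security policies from-zone trust to-zone untrust policy vpn-tr-untr match application any
set security policies from-zone trust to-zone untrust policy vpn-tr-untr then permit tunnel ipsec-vpn lab-vpn
set security policies from-zone trust to-zone untrust policy vpn-tr-untr then permit tunnel pair-policy vpn-untr-tr

# Step 2: untrust -> trust. Mirror of step 1 with source and destination
# swapped, covering sessions initiated from the remote side.
set security policies from-zone untrust to-zone trust policy vpn-untr-tr match source-address remote-net
set security policies from-zone untrust to-zone trust policy vpn-untr-tr match destination-address local-net
set security policies from-zone untrust to-zone trust policy vpn-untr-tr match application any
set security policies from-zone untrust to-zone trust policy vpn-untr-tr then permit tunnel ipsec-vpn lab-vpn
set security policies from-zone untrust to-zone trust policy vpn-untr-tr then permit tunnel pair-policy vpn-tr-untr
```

After committing, "show security policies detail" in operational mode lists both policies with their match criteria and tunnel reference.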

Please refer to the CertExams.com Juniper Network Simulator software for the complete lab.
