CertExams.com Simulator Lab Exercises Answers
Description: This lab exercise explains how to configure security policies for tunnel traffic.
A security policy permits traffic in one direction but also allows all reply traffic without the need for a reverse-direction policy. However, since traffic may be initiated from either direction, bidirectional policies are required. Note that the policies are regular non-tunnel policies; thus the policies do NOT specify the IPsec profile.
Command Syntax:
[edit security policies]
user@srx# show
from-zone <source-zone-name> to-zone <destination-zone-name> {
    policy <policy-name> {
        match {
        }
        then {
            permit {
                tunnel {
                    ipsec-vpn <ipsec-tunnel-name>;    <-- Reference to the IPsec VPN tunnel
                }
            }
        }
    }
}
Network Diagram:
Instructions:
1. Create the security policy to permit traffic from the trust zone to the untrust zone.
2. Create the security policy to permit traffic from the untrust zone to the trust zone.
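
The two steps above written as Junos set commands, as an added example that is not taken from the CertExams lab. The policy names VPN-OUT and VPN-IN, the address-book names LOCAL-LAN and REMOTE-LAN, and both prefixes are assumptions made for illustration.

```junos
# Added example: names and prefixes are constructed, not from the lab.
# Entered from configuration mode ([edit]) on the SRX.

# Address-book entries so each policy matches only the protected subnets
# instead of "any" (assumed local and remote LAN prefixes).
set security address-book global address LOCAL-LAN 10.1.1.0/24
set security address-book global address REMOTE-LAN 10.2.2.0/24

# Step 1: trust -> untrust, for sessions initiated from the local side.
set security policies from-zone trust to-zone untrust policy VPN-OUT match source-address LOCAL-LAN
set security policies from-zone trust to-zone untrust policy VPN-OUT match destination-address REMOTE-LAN
set security policies from-zone trust to-zone untrust policy VPN-OUT match application any
set security policies from-zone trust to-zone untrust policy VPN-OUT then permit

# Step 2: untrust -> trust, for sessions initiated from the remote side.
# Reply traffic is already allowed by step 1; this policy covers new sessions.
set security policies from-zone untrust to-zone trust policy VPN-IN match source-address REMOTE-LAN
set security policies from-zone untrust to-zone trust policy VPN-IN match destination-address LOCAL-LAN
set security policies from-zone untrust to-zone trust policy VPN-IN match application any
set security policies from-zone untrust to-zone trust policy VPN-IN then permit

# The Command Syntax section shows the form whose action references the tunnel.
# In that form the last line of each policy becomes, for example:
#   set security policies from-zone trust to-zone untrust policy VPN-OUT then permit tunnel ipsec-vpn <ipsec-tunnel-name>

# Review the candidate configuration and validate it before committing.
show security policies
commit check
```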
Please refer to the CertExams.com Juniper Network Simulator software for complete lab.