ebook img

Junos OS: Address Book and Address Sets for Security Devices PDF

48 Pages·2014·0.64 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Junos OS: Address Book and Address Sets for Security Devices

Junos OS Address Books and Address Sets for Security Devices Release 12.1 Published:2014-07-08 Copyright©2014,JuniperNetworks,Inc. JuniperNetworks,Inc. 1194NorthMathildaAvenue Sunnyvale,California94089 USA 408-745-2000 www.juniper.net JuniperNetworks,Junos,Steel-BeltedRadius,NetScreen,andScreenOSareregisteredtrademarksofJuniperNetworks,Inc.intheUnited Statesandothercountries.TheJuniperNetworksLogo,theJunoslogo,andJunosEaretrademarksofJuniperNetworks,Inc.Allother trademarks,servicemarks,registeredtrademarks,orregisteredservicemarksarethepropertyoftheirrespectiveowners. JuniperNetworksassumesnoresponsibilityforanyinaccuraciesinthisdocument.JuniperNetworksreservestherighttochange,modify, transfer,orotherwiserevisethispublicationwithoutnotice. JunosOSAddressBooksandAddressSetsforSecurityDevices 12.1 Copyright©2014,JuniperNetworks,Inc. Allrightsreserved. Theinformationinthisdocumentiscurrentasofthedateonthetitlepage. YEAR2000NOTICE JuniperNetworkshardwareandsoftwareproductsareYear2000compliant.JunosOShasnoknowntime-relatedlimitationsthroughthe year2038.However,theNTPapplicationisknowntohavesomedifficultyintheyear2036. ENDUSERLICENSEAGREEMENT TheJuniperNetworksproductthatisthesubjectofthistechnicaldocumentationconsistsof(orisintendedforusewith)JuniperNetworks software.UseofsuchsoftwareissubjecttothetermsandconditionsoftheEndUserLicenseAgreement(“EULA”)postedat http://www.juniper.net/support/eula.html.Bydownloading,installingorusingsuchsoftware,youagreetothetermsandconditionsof thatEULA. ii Copyright©2014,JuniperNetworks,Inc. Table of Contents About the Documentation ............................................ix DocumentationandReleaseNotes..................................ix Supported Platforms .............................................ix UsingtheExamplesinThisManual..................................ix MergingaFullExample........................................x Merging a Snippet ............................................x DocumentationConventions.......................................xi Documentation Feedback ........................................xiii RequestingTechnicalSupport.....................................xiii Self-HelpOnlineToolsandResources...........................xiii OpeningaCasewithJTAC.....................................xiv Part1 Overview Chapter1 Supported Features ................................................3 AddressBooksandAddressSets.......................................3 Chapter2 AddressBooks.....................................................5 Understanding Address Books .........................................5 PredefinedAddresses.............................................5 NetworkPrefixesinAddressBooks..................................6 WildcardAddressesinAddressBooks................................6 DNSNamesinAddressBooks......................................6 UnderstandingGlobalAddressBooks....................................7 LimitationsofAddressesandAddressSets...............................7 Chapter3 Address Sets ......................................................9 UnderstandingAddressSets...........................................9 Part2 Configuration Chapter4 AddressesandAddressSets........................................13 ConfiguringAddressesandAddressSets................................13 AddressesandAddressSets.......................................13 AddressBooksandSecurityZones..................................14 AddressBooksandSecurityPolicies................................14 AddressesAvailableforSecurityPolicies.........................15 ApplyingPoliciestoAddressSets...............................16 AddressBooksandNAT..........................................16 Chapter5 AddressBooksandAddressSets....................................19 Example:ConfiguringAddressBooksandAddressSets.....................19 Copyright©2014,JuniperNetworks,Inc. iii AddressBooksandAddressSetsforSecurityDevices Chapter6 ConfigurationStatements..........................................25 [editsecurityaddress-book]HierarchyLevel.............................25 address(SecurityAddressBook)......................................26 address-book ......................................................27 address-set .......................................................28 attach ............................................................29 description (Security Address Book) ...................................30 range-address .....................................................30 Part3 Index Index .........................................................33 iv Copyright©2014,JuniperNetworks,Inc. List of Figures Part2 Configuration Chapter4 AddressesandAddressSets........................................13 Figure1:ApplyingPoliciestoAddressSets...............................16 Chapter5 AddressBooksandAddressSets....................................19 Figure2:ConfiguringAddressesandAddressSets.........................20 Copyright©2014,JuniperNetworks,Inc. v AddressBooksandAddressSetsforSecurityDevices vi Copyright©2014,JuniperNetworks,Inc. List of Tables About the Documentation ..........................................ix Table1:NoticeIcons..................................................xi Table2:TextandSyntaxConventions...................................xi Part1 Overview Chapter1 Supported Features ................................................3 Table3:AddressBooksandAddressSetsSupport.........................3 Part2 Configuration Chapter4 AddressesandAddressSets........................................13 Table4:AvailableAddressesDisplayedintheCLI..........................15 Copyright©2014,JuniperNetworks,Inc. vii AddressBooksandAddressSetsforSecurityDevices viii Copyright©2014,JuniperNetworks,Inc. About the Documentation • DocumentationandReleaseNotesonpageix • SupportedPlatformsonpageix • UsingtheExamplesinThisManualonpageix • DocumentationConventionsonpagexi • DocumentationFeedbackonpagexiii • RequestingTechnicalSupportonpagexiii DocumentationandReleaseNotes ToobtainthemostcurrentversionofallJuniperNetworks®technicaldocumentation, seetheproductdocumentationpageontheJuniperNetworkswebsiteat http://www.juniper.net/techpubs/. Iftheinformationinthelatestreleasenotesdiffersfromtheinformationinthe documentation,followtheproductReleaseNotes. JuniperNetworksBookspublishesbooksbyJuniperNetworksengineersandsubject matterexperts.Thesebooksgobeyondthetechnicaldocumentationtoexplorethe nuancesofnetworkarchitecture,deployment,andadministration.Thecurrentlistcan beviewedathttp://www.juniper.net/books. SupportedPlatforms Forthefeaturesdescribedinthisdocument,thefollowingplatformsaresupported: • JSeries • SRXSeries UsingtheExamplesinThisManual Ifyouwanttousetheexamplesinthismanual,youcanusetheloadmergeortheload mergerelativecommand.Thesecommandscausethesoftwaretomergetheincoming configurationintothecurrentcandidateconfiguration.Theexampledoesnotbecome activeuntilyoucommitthecandidateconfiguration. Iftheexampleconfigurationcontainsthetoplevelofthehierarchy(ormultiple hierarchies),theexampleisafullexample.Inthiscase,usetheloadmergecommand. Copyright©2014,JuniperNetworks,Inc. ix AddressBooksandAddressSetsforSecurityDevices Iftheexampleconfigurationdoesnotstartatthetoplevelofthehierarchy,theexample isasnippet.Inthiscase,usetheloadmergerelative command.Theseproceduresare describedinthefollowingsections. MergingaFullExample Tomergeafullexample,followthesesteps: 1. FromtheHTMLorPDFversionofthemanual,copyaconfigurationexampleintoa textfile,savethefilewithaname,andcopythefiletoadirectoryonyourrouting platform. Forexample,copythefollowingconfigurationtoafileandnamethefileex-script.conf. Copytheex-script.conffiletothe/var/tmpdirectoryonyourroutingplatform. system{ scripts{ commit{ fileex-script.xsl; } } } interfaces{ fxp0{ disable; unit0{ familyinet{ address10.0.0.1/24; } } } } 2. Mergethecontentsofthefileintoyourroutingplatformconfigurationbyissuingthe loadmergeconfigurationmodecommand: [edit] user@host#loadmerge/var/tmp/ex-script.conf loadcomplete MergingaSnippet Tomergeasnippet,followthesesteps: 1. FromtheHTMLorPDFversionofthemanual,copyaconfigurationsnippetintoatext file,savethefilewithaname,andcopythefiletoadirectoryonyourroutingplatform. Forexample,copythefollowingsnippettoafileandnamethefile ex-script-snippet.conf.Copytheex-script-snippet.conffiletothe/var/tmpdirectory onyourroutingplatform. commit{ fileex-script-snippet.xsl;} 2. Movetothehierarchylevelthatisrelevantforthissnippetbyissuingthefollowing configurationmodecommand: x Copyright©2014,JuniperNetworks,Inc.

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.